Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: Log authorization callback errors #7463

Merged
merged 3 commits into from
Nov 6, 2024
Merged

fix: Log authorization callback errors #7463

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
2f6b91a
fix: log auth errors
hoxbro Nov 5, 2024
781731d
Add test
hoxbro Nov 5, 2024
c3b3f8c
Set status code to 403
hoxbro Nov 5, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions panel/io/server.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -426,6 +426,7 @@ def _authorize(self, session=False):
auth_error = None
except Exception:
auth_error = f'Authorization callback errored. Could not validate user {state.user}.'
logger.warning(auth_error)
return authorized, auth_error

def _render_auth_error(self, auth_error):
Expand Down Expand Up @@ -455,6 +456,7 @@ async def get(self, *args, **kwargs):
if authorized is None:
return
elif not authorized:
self.set_status(403)
page = self._render_auth_error(auth_error)
self.set_header("Content-Type", 'text/html')
self.write(page)
Expand Down
28 changes: 26 additions & 2 deletions panel/tests/command/test_serve.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,12 +3,14 @@
import tempfile
import time

from textwrap import dedent

import pytest
import requests

from panel.tests.util import (
linux_only, run_panel_serve, unix_only, wait_for_port, wait_for_regex,
write_file,
NBSR, linux_only, run_panel_serve, unix_only, wait_for_port,
wait_for_regex, write_file,
)


Expand Down Expand Up @@ -175,3 +177,25 @@ def test_serve_setup(tmp_path):
with run_panel_serve(["--port", "0", py, "--setup", setup_py], cwd=tmp_path) as p:
_, output = wait_for_regex(p.stdout, regex=regex, return_output=True)
assert output[0].strip() == "Setup running before"


def test_serve_authorize_callback_exception(tmp_path):
app = "import panel as pn; pn.panel('Hello').servable()"
py = tmp_path / "app.py"
py.write_text(app)

setup_app = """\
import panel as pn
def auth(userinfo):
raise ValueError("This is an error")
pn.config.authorize_callback = auth"""
setup_py = tmp_path / "setup.py"
setup_py.write_text(dedent(setup_app))

regex = re.compile('(Authorization callback errored)')
with run_panel_serve(["--port", "0", py, "--setup", setup_py], cwd=tmp_path) as p:
nsbr = NBSR(p.stdout)
port = wait_for_port(nsbr)
resp = requests.get(f"http://localhost:{port}/")
wait_for_regex(nsbr, regex=regex)
assert resp.status_code == 403
5 changes: 4 additions & 1 deletion panel/tests/util.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -395,7 +395,10 @@ def readline(self, timeout=None):
return None

def wait_for_regex(stdout, regex, count=1, return_output=False):
nbsr = NBSR(stdout)
if isinstance(stdout, NBSR):
nbsr = stdout
else:
nbsr = NBSR(stdout)
m = None
output, found = [], []
for _ in range(20):
Expand Down
Loading