gets if response is not a dict. catch User not found exception

2022-10-04 17:40:51 -05:00 · 2022-10-04 17:40:51 -05:00 · 4147adf7d0
commit 4147adf7d0
parent 953bab77cb
1 changed files with 42 additions and 33 deletions
--- a/wp_oauth_backend/wp_oauth.py
+++ b/wp_oauth_backend/wp_oauth.py
@ -138,7 +138,12 @@ class StepwiseMathWPOAuth2(BaseOAuth2):
            logger.warning('get_user_details() - response object is missing.')
            tainted = True

-        if type(response)==dict:
+        if type(response)!=dict:
+            logger.warning('get_user_details() -  was expecting a response object of type dict but received an object of type {t}'.format(
+                t=type(response)
+            ))
+            tainted = True
+
        # a def in the third_party_auth pipeline list calls get_user_details() after its already
        # been called once. i don't know why. but, it passes the original get_user_details() dict
        # enhanced with additional token-related keys. if we receive this modified dict then we 
@ -178,6 +183,9 @@ class StepwiseMathWPOAuth2(BaseOAuth2):
            logger.error('response object is missing or misformed, and no cached results were found. Cannot get user details from oauth provider.')
            return None

+        # ---------------------------------------------------------------------
+        # build and internally cache the get_user_details() dict
+        # ---------------------------------------------------------------------

        # try to parse out the first and last names
        split_name = response.get('display_name', '').split()
@ -189,7 +197,6 @@ class StepwiseMathWPOAuth2(BaseOAuth2):
        super_user = 'administrator' in user_roles
        is_staff = 'administrator' in user_roles

-        # build the get_user_details() dict
        self._user_details = {
            'id': int(response.get('ID'), 0),
            'username': response.get('user_login', ''),
@ -239,10 +246,12 @@ class StepwiseMathWPOAuth2(BaseOAuth2):

        # add syncronization of any data fields that get missed by the built-in
        # open edx third party authentication sync functionality.
+        try:
+            # this gets called just prior to account creation for
+            # new users, hence, we need to catch DoesNotExist
+            # exceptions.
            user=User.objects.get(username=user_details['username'])
-
-        if not user:
-            # this seems exceedingly unlikely, but, you never know.
+        except User.DoesNotExist:
            return user_details

        if (user.is_superuser != user_details['is_superuser']) or (user.is_staff != user_details['is_staff']):