New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Rescue StandardError makes all development errors failures #1030
Comments
You’ll want to take a look at the |
If you're looking to preserve raising the errors out in development I'd suggest something like on_failure do |env|
if Rails.env.development?
OmniAuth::FailureEndpoint.call(env)
else
SessionsController.action(:failure).call(env)
end
end |
Yes. That's effectively what we've done. We still think it's strange that omniauth is intercepting all errors (not just the ones relevant to omniauth). |
I'll look into it a bit more, it really should only be catching errors that occur during the auth process |
Hi, I have the same problem. I use a omniauth-saml gem. I found the omniauth-saml gem calls the |
Thanks for the report and additional information @trysmr, I think this is a bug in omniauth-saml and will release a patch for that gem. |
I saw #1032 and it is similar. The error behaviour changed with the release of 2.0.2. Now the failure mode is a redirect loop and the error is printed in the console. |
I have been looking into this, I haven't decided the best course of action yet. @pgwillia it looks like your session controller isn't handling the error but just redirecting to root? |
@BobbyMcWho good observation. That's what we've told it to do. @trysmr has summarized the issue that still persists. |
So looking into a few strategies and how they have implemented the other_phase, it seems like they almost all call |
Since the other_phase is not a common process for each omniauth strategy, I think it is better to leave its error handling to each strategy. I am facing the redirect loop problem too. Luckily, I don't implement /metadata, /slo, /spslo paths, so I have temporarily undefined it now. |
I just thought of one. How about adding an begin
return options_call if on_auth_path? && options_request?
return request_call if on_request_path? && OmniAuth.config.allowed_request_methods.include?(request.request_method.downcase.to_sym)
return callback_call if on_callback_path?
return other_phase if on_auth_path? && respond_to?(:other_phase)
rescue StandardError => e
return fail!(e.message, e)
end |
Ran into this today too, when when using omniauth with devise this totally masks any errors that happen. It also makes it very very difficult to find out why things are failing. Rescuing StandardError should be considered an anti-pattern; you could instead scope the errors you catch to specifically authentication errors. |
Unfortunately, the commit that adds the rescue does not explain why the rescue was added. Perhaps just undo it since there's no rationale included? |
If anyone can try out the branch for this pr and let me know if it resolves it for you: #1035 |
Since bumping omniauth from 1.9.1 to 2.0.1 in our application all development errors have become failures. For example I purposefully introduce an error to a view. It is caught by omniauth and calls fail which means that we can no longer use better_errors to debug.
Is there something that we misconfigured in omniauth setup? We catch the failures to give users a message in their browser
https://github.com/ualbertalib/jupiter/blob/fe8409b9d4b4345e409c91a0cf6744b9ce4b91ba/config/initializers/omniauth.rb#L22
We can make this conditional based on environment but wondering if there is a better way?
omniauth/lib/omniauth/strategy.rb
Lines 190 to 197 in 40e354c
The text was updated successfully, but these errors were encountered: