Ltd 5464-key-error-registration #2180
Conversation
| try: | ||
| response = client.get(settings.AUTHBROKER_PROFILE_URL) | ||
| response.raise_for_status() | ||
| except HTTPError as ex: | ||
| logger.info( | ||
| "Error with SSO getting profile: %s ", | ||
| ex, | ||
| ) | ||
| raise ex |
There was a problem hiding this comment.
This can be slightly simplified by doing:
response = client.get(settings.AUTHBROKER_PROFILE_URL)
try:
response.raise_for_status()
except HTTPError:
logger.info("Error with SSO", exc_info=True)
raise
| try: | ||
| self.profile = get_profile(self.request.authbroker_client) | ||
| except HTTPError: |
There was a problem hiding this comment.
Instead of checking for the HTTPError here could we actually check to see if the token that the authbroker_client has is still valid?
I believe most tokens have their own timeout associated with them and that means we could differentiate between a timeout on the token and some other kind of error coming from the auth provider.
Having looked at the ticket you suggest that this is because the refresh token is timing out, however that's a long-lived token but this comment implies that the token that's failing is a short-lived one (which isn't the refresh token). What is the thing that's actually timing out? |
https://uktrade.atlassian.net/browse/LTD-5464
This is to rectify an error that manifests itself when registering a new user.
If the user takes too long to fill in their name then when we attempt to get the profile from the SSO service it silently fails.
This is because the token used to make this call is very short lived but the session/token is still active hence we don't redirect using the loginmixin.
By redirecting the user to the login screen we force a token refresh and the user will either be directed to login if they don't have an active token or it gets refreshed and they return back to the register-name screen.