return anonymous profile instead of 400 when the token can not be dec…

…oded
orthanc-team · Jun 28, 2024 · 06cdad9 · 06cdad9
1 parent 259d179
commit 06cdad9
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 2 deletions.
diff --git a/release-notes.md b/release-notes.md
@@ -4,6 +4,10 @@ SPDX-FileCopyrightText: 2022 - 2024 Orthanc Team SRL <[email protected]>
 SPDX-License-Identifier: GPL-3.0-or-later
 -->
 
+- when requesting a user-profile with e.g. a basic auth token, the auth-service now
+  returns the Anonymous profile instead of a 400 such that the auth-plugin can cache
+  the response.
+
 v 24.6.0
 ========
 

diff --git a/sources/orthanc_auth_service/app.py b/sources/orthanc_auth_service/app.py
@@ -197,7 +197,7 @@ def decode_token(request: TokenDecoderRequest):
 
 @app.post("/user/get-profile", dependencies=basic_auth_dependencies)  # this is a POST and not a GET because we want to same kind of payload as for other routes
 def get_user_profile(user_profile_request: UserProfileRequest):
-    logging.info("get user profile: " + user_profile_request.json())
+    logging.info(f"get user profile from token '{user_profile_request.token_key}'")
 
     anonymous_profile = UserProfileResponse(
                 name="Anonymous",
@@ -226,8 +226,11 @@ def get_user_profile(user_profile_request: UserProfileRequest):
         # not a valid user profile, consider it is anonymous
         return anonymous_profile
     except jwt.exceptions.PyJWTError:
-        raise HTTPException(status_code=400, detail=str("Unable to decode token"))
+        logging.error("Unable to decode JWT token - this might happen if trying to decode a basic auth token instead of a JWT - returning anonymous profile")
+        return anonymous_profile
+
     except Exception as ex:
+        logging.error("Unexpected error: " + str(ex))
         raise HTTPException(status_code=400, detail=str("Unexpected error: " + str(ex)))