From 206c8c9795d3d60e0c0c8eed1c7675667d8de412 Mon Sep 17 00:00:00 2001
From: rhoerbe
Date: Fri, 12 Jul 2019 22:34:54 +0200
Subject: [PATCH] fix various logging issues do not obfuscate interactive error message by default remove redundant logging in SATOSAbase.__call__ correction of saml2.InvalidSignature exception (workaround) format debug data of POST parameters with json
---
 src/satosa/base.py | 24 ++++------------------
 src/satosa/proxy_server.py | 41 ++++++++++++++++++++++++--------------
 2 files changed, 30 insertions(+), 35 deletions(-)
diff --git a/src/satosa/base.py b/src/satosa/base.py
index e4df21619..3a891b04e 100644
--- a/src/satosa/base.py
+++ b/src/satosa/base.py
@@ -279,26 +279,10 @@ def run(self, context):
 :param context: The request context
 :return: response
 """
- try:
- self._load_state(context)
- spec = self.module_router.endpoint_routing(context)
- resp = self._run_bound_endpoint(context, spec)
- self._save_state(resp, context)
- except SATOSANoBoundEndpointError:
- raise
- except SATOSAError:
- satosa_logging(logger, logging.ERROR, "Uncaught SATOSA error ", context.state,
- exc_info=True)
- raise
- except UnknownSystemEntity as err:
- satosa_logging(logger, logging.ERROR,
- "configuration error: unknown system entity " + str(err),
- context.state, exc_info=False)
- raise
- except Exception as err:
- satosa_logging(logger, logging.ERROR, "Uncaught exception", context.state,
- exc_info=True)
- raise SATOSAUnknownError("Unknown error") from err
+ self._load_state(context)
+ spec = self.module_router.endpoint_routing(context)
+ resp = self._run_bound_endpoint(context, spec)
+ self._save_state(resp, context)
 return resp
diff --git a/src/satosa/proxy_server.py b/src/satosa/proxy_server.py
index 3c8259978..a87441a8c 100644
--- a/src/satosa/proxy_server.py
+++ b/src/satosa/proxy_server.py
@@ -2,6 +2,7 @@
 import json
 import logging
 import logging.config
+import os
 import sys
 from urllib.parse import parse_qsl
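Review bot: `run` in src/satosa/base.py now lets every exception from `_load_state`, `endpoint_routing`, `_run_bound_endpoint` and `_save_state` propagate unchanged, but its docstring still lists only `:param context:` and `:return:`. Callers that relied on receiving `SATOSAUnknownError("Unknown error")` for unexpected failures now get the raw exception. The removed `satosa_logging(..., context.state, ...)` calls were also the only place in this hunk where an error log entry was tied to the request state, which matters when correlating an error with a session during incident analysis. I would add a docstring line such as `:raise: any exception from state handling, routing or the endpoint; the caller must log and sanitize it`, and have the caller log with `context.state` (presumably still reachable there). The function starts above the hunk.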
@@ -9,8 +10,10 @@
 from .base import SATOSABase
 from .context import Context
-from .response import ServiceError, NotFound
+from .exception import SATOSAErrorNoTraceback
+from .response import BadRequest, ServiceError, NotFound
 from .routing import SATOSANoBoundEndpointError
+from saml2.response import IncorrectlySigned
 from saml2.s_utils import UnknownSystemEntity
 logger = logging.getLogger(__name__)
@@ -41,7 +44,7 @@ def unpack_post(environ, content_length):
 elif "application/json" in environ["CONTENT_TYPE"]:
 data = json.loads(post_body)
- logger.debug("unpack_post:: %s", data)
+ logger.debug("unpack_post: " + json.dumps(data))
 return data
@@ -57,7 +60,7 @@ def unpack_request(environ, content_length=0):
 elif environ["REQUEST_METHOD"] == "POST":
 data = unpack_post(environ, content_length)
- logger.debug("read request data: %s", data)
+ logger.debug("read request data: " + json.dumps(data))
 return data
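Review bot: Both new debug calls build their message eagerly, `"unpack_post: " + json.dumps(data)` in `unpack_post` and `"read request data: " + json.dumps(data)` in the `unpack_request` hunk after it, so every request is serialized even when DEBUG is off and the complete parameter set is written to the log when it is on. Those parameters can carry SAML responses, passwords or tokens (inferred from the POST/JSON handling, not fully visible here), so I would redact or truncate sensitive keys before dumping and guard the call: `if logger.isEnabledFor(logging.DEBUG): logger.debug("unpack_post: %s", json.dumps(data))`. For POST requests the same data is logged twice, because `unpack_request` calls `unpack_post`. Both functions start above their hunks.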
@@ -113,20 +116,28 @@ def __call__(self, environ, start_response, debug=False):
 resp = self.run(context)
 if isinstance(resp, Exception):
 raise resp
- return resp(environ, start_response)
 except SATOSANoBoundEndpointError:
 resp = NotFound(
- "The Service or Identity Provider"
- "you requested could not be found.")
- return resp(environ, start_response)
- except Exception as err:
- if type(err) != UnknownSystemEntity:
- logger.exception("%s" % err)
- if debug:
- raise
-
- resp = ServiceError("%s" % err)
- return resp(environ, start_response)
+ "The Service or Identity Provider you requested could not be found.")
+ except IncorrectlySigned:
+ logger.error('Unkown system entity or invalid message signature')
+ resp = BadRequest(message='Unkown system entity or invalid message signature')
+ except SATOSAErrorNoTraceback as e:
+ logger.error("%s" % e)
+ if os.getenv("OBFUSCATE_INTERACTIVE_ERRMSG", None):
+ msg = 'Proxy error (configuration, request, etc - confer to log file)'
+ else:
+ msg = '{} ({})'.format(e, type(e).__name__)
+ resp = ServiceError(message=msg)
+ except (UnknownSystemEntity, Exception) as e:
+ logger.exception("%s" % e)
+ if os.getenv("OBFUSCATE_INTERACTIVE_ERRMSG", None):
+ msg = 'Proxy error (configuration, request, etc - confer to log file)'
+ else:
+ msg = '{} ({})'.format(e, type(e).__name__)
+ resp = ServiceError(message=msg)
+
+ return resp(environ, start_response)
 def make_app(satosa_config):
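Review bot: With `OBFUSCATE_INTERACTIVE_ERRMSG` unset, both new handlers put `'{} ({})'.format(e, type(e).__name__)` into the `ServiceError` response, so the text and class name of any exception are returned to the client by default. Because the base.py hunk of this commit also drops the `SATOSAUnknownError("Unknown error")` wrapper, that now covers arbitrary internal exceptions. The fail-safe choice is to return the generic 'Proxy error …' message unless an operator explicitly opts in to details, keeping the full text only in the log. `os.getenv` treats any non-empty value as true, so `OBFUSCATE_INTERACTIVE_ERRMSG=0` still obfuscates, which deserves a comment such as `# any non-empty value enables obfuscation`. `except (UnknownSystemEntity, Exception) as e:` reduces to `except Exception as e:` if UnknownSystemEntity derives from Exception, and the `debug` parameter is no longer read in the lines shown; `__call__` starts above the hunk.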