api: restructure exception generation to be more ergonomic in the code

This commit is contained in:
lilly 2026-05-14 16:23:52 +02:00
commit 2f991a6b02
Signed by: lilly
SSH key fingerprint: SHA256:y9T5GFw2A20WVklhetIxG1+kcg/Ce0shnQmbu1LQ37g
5 changed files with 153 additions and 81 deletions

View file

@ -31,7 +31,9 @@ async def get_current_user(
id_token = oidc_client.decode_id_token(
req.cookies["id_token"], nonce=req.cookies["auth_nonce"]
)
return models.CurrentUser(id_token=id_token, raw_id_token=req.cookies["id_token"])
return models.CurrentUser(
id_token=id_token, raw_id_token=req.cookies["id_token"]
)
# if we have a refresh token, try to get new tokens
if all(i in req.cookies for i in ("refresh_token", "auth_nonce")):
@ -45,13 +47,13 @@ async def get_current_user(
# return the newly gotten info
id_token = oidc_client.decode_id_token(token_resp.id_token)
return models.CurrentUser(id_token=id_token, raw_id_token=token_resp.id_token)
return models.CurrentUser(
id_token=id_token, raw_id_token=token_resp.id_token
)
# otherwise we can't meaningfully recover any user information or the user is simply not authenticated
logger.debug("no currently authenticated user")
raise exceptions.HttpProblemException(
models.HttpProblemDetail.new_unauthorized(req.url)
)
raise exceptions.HttpProblemException.unauthorized(req.url)
def persist_auth_state(