From f5dc4130531a67083299b0ef9a823deb83574db9 Mon Sep 17 00:00:00 2001 From: Bailey Henry Date: Mon, 26 Jun 2023 12:13:30 -0400 Subject: [PATCH] handle responses for oidc_auth The oidc_auth.py does not handle non-success results, but gives trace in all (most) conditions. Handle responses for the following conditions: dex mis-configuration of baseND invalid hostname for WAD server (DNS lookup fail) oidc-client pod not running (111 connection refused) incorrect dex server IP oidc-auth commandline parameter incorrect username or password generic catch all - unknown responses Test Plan: PASS pylint PASS test cases for all the above PASS success path test case PASS AIO-SX Closes-Bug: 2024494 Change-Id: I31908a4412a8d02de39af6b8966b2359405222d1 Signed-off-by: Henry Bailey
---
 .../oidcauthtools/oidcauthtools/oidc_auth.py | 33 +++++++++++++++++--
 1 file changed, 31 insertions(+), 2 deletions(-)
diff --git a/oidc-auth-tools/oidcauthtools/oidcauthtools/oidc_auth.py b/oidc-auth-tools/oidcauthtools/oidcauthtools/oidc_auth.py
index 8af3f54..0caa241 100644
--- a/oidc-auth-tools/oidcauthtools/oidcauthtools/oidc_auth.py
+++ b/oidc-auth-tools/oidcauthtools/oidcauthtools/oidc_auth.py
@@ -9,9 +9,11 @@
 from argparse import ArgumentParser
 import getpass
 import mechanize
+import re
 import six
 import ssl
 import sys
+import urllib
 def main():
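Review bot: `import urllib` on its own does not load the `urllib.error` submodule, so the `urllib.error.URLError` reference added in the next hunk resolves only if some other module (presumably mechanize) has already imported it as a side effect. Import the submodule explicitly with `import urllib.error`. Since this file also imports `six`, it may still be expected to run on Python 2, where `urllib.error` does not exist; if so, `from six.moves.urllib.error import URLError` with `except URLError as e:` covers both interpreters.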
@@ -55,7 +57,19 @@ def main():
 br.addheaders = [("User-agent", "Mozilla/5.0")]
 # Open browser on dexClientUrl
- dexLoginPage = br.open(dexClientUrl)
+ try:
+ dexLoginPage = br.open(dexClientUrl)
+ except urllib.error.URLError as e:
+ conv_e = str(e.reason)
+ e_code = re.search(r"\d+", conv_e)
+ if (e_code.group()) == "111":
+ print('Check oidc-auth-apps application pod status')
+ elif (e_code.group()) == "113":
+ print('Check command line parameter OIDC client IP address (-c)')
+ else:
+ print('Unexpected error when addressing the OIDC Client endpoint')
+ print('Error: %s' % e)
+ sys.exit(1)
 # If there are links on this page, then more than one
 # backends are configured. Pick the correct backend
@@ -109,7 +123,22 @@ def main():
 if verbose:
 print("\ndexLoginPage SUBMITTING FORM --> ...")
- dexLoginGrantAccessResponse = br.submit()
+ try:
+ dexLoginGrantAccessResponse = br.submit()
+ except mechanize.HTTPError as e:
+ if e.code == 500:
+ # handles mis-configuration of baseND for example
+ # handles DNS lookup failure for example
+ print('Dex server replied with HTTP error code 500.\n'
+ 'Review the dex server pod log and configuration '
+ 'to resolve the error.')
+ elif e.code == 401:
+ print('Failed to authenticate - check username/password')
+ else:
+ print('Unexpected error returned from the dex server; '
+ 'check pod status and logs')
+ print('Error: %s' % e)
+ sys.exit(1)
 # grant access final response
 if verbose:
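Review bot: `re.search(r"\d+", conv_e)` returns `None` when the reason text contains no digits (a plain timeout, or an HTTP reason phrase such as "Not Found" if an `HTTPError` reaches this handler), so `e_code.group()` raises `AttributeError` and the user gets the traceback this handler is meant to replace. The first digit run in the text is also not guaranteed to be the errno. Read the number from the exception instead: `err_no = getattr(e.reason, 'errno', None)`, then `if err_no == errno.ECONNREFUSED:` and `elif err_no == errno.EHOSTUNREACH:` (needs `import errno`), which falls through to the generic branch when no errno is present. It would also help to print these diagnostics with `file=sys.stderr`, in case callers capture the tool's stdout. main() begins and continues outside the hunk.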
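Review bot: Only `mechanize.HTTPError` is caught around `br.submit()`, so a transport-level failure at this step (connection refused, DNS failure or a TLS error while posting the login form) would presumably still end in an uncaught `URLError` traceback. Add a second clause after the existing one, `except urllib.error.URLError as e:`, that prints a short message plus `'Error: %s' % e` and calls `sys.exit(1)`; it must come after the `HTTPError` clause, because in urllib `HTTPError` is a subclass of `URLError`. The two comments under `e.code == 500` would read better as one line stating that these are example causes, such as `# e.g. baseDN mis-configuration or a DNS lookup failure on the dex side`, assuming "baseND" in the current comment means the LDAP baseDN. main() continues outside the hunk.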