alan-turing-institute / apricot

An OpenID Connect LDAP proxy
BSD 3-Clause "New" or "Revised" License
14 stars 3 forks source link

Improve message when backend cannot be reached #10

Closed jemrobinson closed 8 months ago

jemrobinson commented 8 months ago

If the backend is inaccessible, there is a rather opaque stack trace. This should be improved.

2024-02-14 13:37:32+0000 [-] Traceback (most recent call last):
2024-02-14 13:37:32+0000 [-]   File "/root/.local/share/hatch/env/virtual/apricot-server/9TtSrW0h/apricot-server/lib/python3.11/site-packages/urllib3/connectionpool.py", line 467, in _make_request
2024-02-14 13:37:32+0000 [-]     self._validate_conn(conn)
2024-02-14 13:37:32+0000 [-]   File "/root/.local/share/hatch/env/virtual/apricot-server/9TtSrW0h/apricot-server/lib/python3.11/site-packages/urllib3/connectionpool.py", line 1092, in _validate_conn
2024-02-14 13:37:32+0000 [-]     conn.connect()
2024-02-14 13:37:32+0000 [-]   File "/root/.local/share/hatch/env/virtual/apricot-server/9TtSrW0h/apricot-server/lib/python3.11/site-packages/urllib3/connection.py", line 642, in connect
2024-02-14 13:37:32+0000 [-]     sock_and_verified = _ssl_wrap_socket_and_match_hostname(
2024-02-14 13:37:32+0000 [-]                         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
2024-02-14 13:37:32+0000 [-]   File "/root/.local/share/hatch/env/virtual/apricot-server/9TtSrW0h/apricot-server/lib/python3.11/site-packages/urllib3/connection.py", line 783, in _ssl_wrap_socket_and_match_hostname
2024-02-14 13:37:32+0000 [-]     ssl_sock = ssl_wrap_socket(
2024-02-14 13:37:32+0000 [-]                ^^^^^^^^^^^^^^^^
2024-02-14 13:37:32+0000 [-]   File "/root/.local/share/hatch/env/virtual/apricot-server/9TtSrW0h/apricot-server/lib/python3.11/site-packages/urllib3/util/ssl_.py", line 469, in ssl_wrap_socket
2024-02-14 13:37:32+0000 [-]     ssl_sock = _ssl_wrap_socket_impl(sock, context, tls_in_tls, server_hostname)
2024-02-14 13:37:32+0000 [-]                ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
2024-02-14 13:37:32+0000 [-]   File "/root/.local/share/hatch/env/virtual/apricot-server/9TtSrW0h/apricot-server/lib/python3.11/site-packages/urllib3/util/ssl_.py", line 513, in _ssl_wrap_socket_impl
2024-02-14 13:37:32+0000 [-]     return ssl_context.wrap_socket(sock, server_hostname=server_hostname)
2024-02-14 13:37:32+0000 [-]            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
2024-02-14 13:37:32+0000 [-]   File "/usr/local/lib/python3.11/ssl.py", line 517, in wrap_socket
2024-02-14 13:37:32+0000 [-]     return self.sslsocket_class._create(
2024-02-14 13:37:32+0000 [-]            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
2024-02-14 13:37:32+0000 [-]   File "/usr/local/lib/python3.11/ssl.py", line 1108, in _create
2024-02-14 13:37:32+0000 [-]     self.do_handshake()
2024-02-14 13:37:32+0000 [-]   File "/usr/local/lib/python3.11/ssl.py", line 1379, in do_handshake
2024-02-14 13:37:32+0000 [-]     self._sslobj.do_handshake()
2024-02-14 13:37:32+0000 [-] ssl.SSLEOFError: [SSL: UNEXPECTED_EOF_WHILE_READING] EOF occurred in violation of protocol (_ssl.c:1006)
2024-02-14 13:37:32+0000 [-] 
2024-02-14 13:37:32+0000 [-] During handling of the above exception, another exception occurred:
2024-02-14 13:37:32+0000 [-] 
2024-02-14 13:37:32+0000 [-] Traceback (most recent call last):
2024-02-14 13:37:32+0000 [-]   File "/root/.local/share/hatch/env/virtual/apricot-server/9TtSrW0h/apricot-server/lib/python3.11/site-packages/urllib3/connectionpool.py", line 790, in urlopen
2024-02-14 13:37:32+0000 [-]     response = self._make_request(
2024-02-14 13:37:32+0000 [-]                ^^^^^^^^^^^^^^^^^^^
2024-02-14 13:37:32+0000 [-]   File "/root/.local/share/hatch/env/virtual/apricot-server/9TtSrW0h/apricot-server/lib/python3.11/site-packages/urllib3/connectionpool.py", line 491, in _make_request
2024-02-14 13:37:32+0000 [-]     raise new_e
2024-02-14 13:37:32+0000 [-] urllib3.exceptions.SSLError: [SSL: UNEXPECTED_EOF_WHILE_READING] EOF occurred in violation of protocol (_ssl.c:1006)
2024-02-14 13:37:32+0000 [-] 
2024-02-14 13:37:32+0000 [-] The above exception was the direct cause of the following exception:
2024-02-14 13:37:32+0000 [-] 
2024-02-14 13:37:32+0000 [-] Traceback (most recent call last):
2024-02-14 13:37:32+0000 [-]   File "/root/.local/share/hatch/env/virtual/apricot-server/9TtSrW0h/apricot-server/lib/python3.11/site-packages/requests/adapters.py", line 486, in send
2024-02-14 13:37:32+0000 [-]     resp = conn.urlopen(
2024-02-14 13:37:32+0000 [-]            ^^^^^^^^^^^^^
2024-02-14 13:37:32+0000 [-]   File "/root/.local/share/hatch/env/virtual/apricot-server/9TtSrW0h/apricot-server/lib/python3.11/site-packages/urllib3/connectionpool.py", line 844, in urlopen
2024-02-14 13:37:32+0000 [-]     retries = retries.increment(
2024-02-14 13:37:32+0000 [-]               ^^^^^^^^^^^^^^^^^^
2024-02-14 13:37:32+0000 [-]   File "/root/.local/share/hatch/env/virtual/apricot-server/9TtSrW0h/apricot-server/lib/python3.11/site-packages/urllib3/util/retry.py", line 515, in increment
2024-02-14 13:37:32+0000 [-]     raise MaxRetryError(_pool, url, reason) from reason  # type: ignore[arg-type]
2024-02-14 13:37:32+0000 [-]     ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
2024-02-14 13:37:32+0000 [-] urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='login.microsoftonline.com', port=443): Max retries exceeded with url: /cb94a6f6-ef7a-42ab-bcad-4f0b887cfd3e/oauth2/v2.0/token (Caused by SSLError(SSLEOFError(8, '[SSL: UNEXPECTED_EOF_WHILE_READING] EOF occurred in violation of protocol (_ssl.c:1006)')))
2024-02-14 13:37:32+0000 [-] 
2024-02-14 13:37:32+0000 [-] During handling of the above exception, another exception occurred:
2024-02-14 13:37:32+0000 [-] 
2024-02-14 13:37:32+0000 [-] Traceback (most recent call last):
2024-02-14 13:37:32+0000 [-]   File "/app/apricot/apricot_server.py", line 28, in __init__
2024-02-14 13:37:32+0000 [-]     oauth_client = OAuthClientMap[backend](
2024-02-14 13:37:32+0000 [-]                    ^^^^^^^^^^^^^^^^^^^^^^^^
2024-02-14 13:37:32+0000 [-]   File "/app/apricot/oauth/microsoft_entra_client.py", line 21, in __init__
2024-02-14 13:37:32+0000 [-]     super().__init__(
2024-02-14 13:37:32+0000 [-]   File "/app/apricot/oauth/oauth_client.py", line 49, in __init__
2024-02-14 13:37:32+0000 [-]     json_response = self.session_application.fetch_token(
2024-02-14 13:37:32+0000 [-]                     ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
2024-02-14 13:37:32+0000 [-]   File "/root/.local/share/hatch/env/virtual/apricot-server/9TtSrW0h/apricot-server/lib/python3.11/site-packages/requests_oauthlib/oauth2_session.py", line 341, in fetch_token
2024-02-14 13:37:32+0000 [-]     r = self.request(
2024-02-14 13:37:32+0000 [-]         ^^^^^^^^^^^^^
2024-02-14 13:37:32+0000 [-]   File "/root/.local/share/hatch/env/virtual/apricot-server/9TtSrW0h/apricot-server/lib/python3.11/site-packages/requests_oauthlib/oauth2_session.py", line 521, in request
2024-02-14 13:37:32+0000 [-]     return super(OAuth2Session, self).request(
2024-02-14 13:37:32+0000 [-]            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
2024-02-14 13:37:32+0000 [-]   File "/root/.local/share/hatch/env/virtual/apricot-server/9TtSrW0h/apricot-server/lib/python3.11/site-packages/requests/sessions.py", line 589, in request
2024-02-14 13:37:33+0000 [-]     resp = self.send(prep, **send_kwargs)
2024-02-14 13:37:33+0000 [-]            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
2024-02-14 13:37:33+0000 [-]   File "/root/.local/share/hatch/env/virtual/apricot-server/9TtSrW0h/apricot-server/lib/python3.11/site-packages/requests/sessions.py", line 703, in send
2024-02-14 13:37:33+0000 [-]     r = adapter.send(request, **kwargs)
2024-02-14 13:37:33+0000 [-]         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
2024-02-14 13:37:33+0000 [-]   File "/root/.local/share/hatch/env/virtual/apricot-server/9TtSrW0h/apricot-server/lib/python3.11/site-packages/requests/adapters.py", line 517, in send
2024-02-14 13:37:33+0000 [-]     raise SSLError(e, request=request)
2024-02-14 13:37:33+0000 [-] requests.exceptions.SSLError: HTTPSConnectionPool(host='login.microsoftonline.com', port=443): Max retries exceeded with url: /cb94a6f6-ef7a-42ab-bcad-4f0b887cfd3e/oauth2/v2.0/token (Caused by SSLError(SSLEOFError(8, '[SSL: UNEXPECTED_EOF_WHILE_READING] EOF occurred in violation of protocol (_ssl.c:1006)')))
2024-02-14 13:37:33+0000 [-] 
2024-02-14 13:37:33+0000 [-] The above exception was the direct cause of the following exception:
2024-02-14 13:37:33+0000 [-] 
2024-02-14 13:37:33+0000 [-] Traceback (most recent call last):
2024-02-14 13:37:33+0000 [-]   File "/app/run.py", line 25, in <module>
2024-02-14 13:37:33+0000 [-]     reactor = ApricotServer(**vars(args))
2024-02-14 13:37:33+0000 [-]               ^^^^^^^^^^^^^^^^^^^^^^^^^^^
2024-02-14 13:37:33+0000 [-]   File "/app/apricot/apricot_server.py", line 36, in __init__
2024-02-14 13:37:33+0000 [-]     raise ValueError(msg) from exc
2024-02-14 13:37:33+0000 [-] ValueError: Could not construct an OAuth client for the 'OAuthBackend.MICROSOFT_ENTRA' backend.
2024-02-14 13:37:33+0000 [-] 
2024-02-14 13:37:33+0000 [-] During handling of the above exception, another exception occurred:
2024-02-14 13:37:33+0000 [-] 
2024-02-14 13:37:33+0000 [-] Traceback (most recent call last):
2024-02-14 13:37:33+0000 [-]   File "/app/run.py", line 28, in <module>
2024-02-14 13:37:33+0000 [-]     raise ValueError(msg)
2024-02-14 13:37:33+0000 [-] ValueError: Unable to initialise Apricot server from provided command line arguments.