Added one extra check and test for an unlikely error

NickolausDS · NickolausDS · commit 73133df4d5d3 · 2018-01-22T08:09:40.000-08:00
diff --git a/invenio_oauthclient/contrib/globus.py b/invenio_oauthclient/contrib/globus.py
@@ -131,9 +131,15 @@ def get_user_id(remote, email):
 
     See the docs here for v2/api/identities
     https://docs.globus.org/api/auth/reference/"""
-    url = '{}?usernames={}'.format(GLOBUS_USER_ID_URL, email)
-    user_id = get_dict_from_response(remote.get(url))
-    return user_id['identities'][0]['id']
+    try:
+        url = '{}?usernames={}'.format(GLOBUS_USER_ID_URL, email)
+        user_id = get_dict_from_response(remote.get(url))
+        return user_id['identities'][0]['id']
+    except KeyError:
+        # If we got here the response was successful but the data was invalid.
+        # It's likely the URL is wrong but possible the API has changed.
+        raise OAuthResponseError('Failed to fetch user id, likely server '
+                                 'mis-configuration', None, remote)
 
 
 def account_info(remote, resp):
diff --git a/tests/conftest.py b/tests/conftest.py
@@ -94,6 +94,7 @@ def base_app(request):
         DEBUG=False,
         SECRET_KEY='TEST',
         SECURITY_DEPRECATED_PASSWORD_SCHEMES=[],
+        SQLALCHEMY_TRACK_MODIFICATIONS=False,
         SECURITY_PASSWORD_HASH='plaintext',
         SECURITY_PASSWORD_SCHEMES=['plaintext'],
     )
diff --git a/tests/test_contrib_globus.py b/tests/test_contrib_globus.py
@@ -241,16 +241,40 @@ class MockResponse:
                              remote_app='globus'))
         assert resp.status_code == 302
 
-        example_info, example_token, example_account_id = example_globus
+        _, example_token, _ = example_globus
         mock_response(app.extensions['oauthlib.client'], 'globus',
                       example_token)
-        example_info.update(example_account_id)
         oauth_resp = OAuthResponse(resp=MockResponse(), content=None,
                                    content_type='application/json')
         mock_remote_get(ioc, 'globus', oauth_resp)
 
         with pytest.raises(OAuthResponseError):
-            resp = c.get(
+            c.get(
+                url_for('invenio_oauthclient.authorized',
+                        remote_app='globus', code='test',
+                        state=_get_state()))
+
+
+def test_invalid_user_id_response(app, example_globus):
+    with app.test_client() as c:
+
+        # User login with email 'info'
+        ioc = app.extensions['oauthlib.client']
+
+        # Ensure remote apps have been loaded (due to before first request)
+        resp = c.get(url_for('invenio_oauthclient.login',
+                             remote_app='globus'))
+        assert resp.status_code == 302
+
+        example_info, example_token, _ = example_globus
+        mock_response(app.extensions['oauthlib.client'], 'globus',
+                      example_token)
+        oauth_resp = OAuthResponse(resp=None, content=json.dumps(example_info),
+                                   content_type='application/json')
+        mock_remote_get(ioc, 'globus', oauth_resp)
+
+        with pytest.raises(OAuthResponseError):
+            c.get(
                 url_for('invenio_oauthclient.authorized',
                         remote_app='globus', code='test',
                         state=_get_state()))

Original file line number	Diff line number	Diff line change
`@@ -94,6 +94,7 @@ def base_app(request):`
`94`	`94`	`DEBUG=False,`
`95`	`95`	`SECRET_KEY='TEST',`
`96`	`96`	`SECURITY_DEPRECATED_PASSWORD_SCHEMES=[],`
	`97`	`+ SQLALCHEMY_TRACK_MODIFICATIONS=False,`
`97`	`98`	`SECURITY_PASSWORD_HASH='plaintext',`
`98`	`99`	`SECURITY_PASSWORD_SCHEMES=['plaintext'],`
`99`	`100`	`)`