Handle unknown request paths gracefully.

Closes issue #1.

Author: Rebecka Gulliksson

src/satosa/base.py

@@ -13,7 +13,7 @@
 from satosa.logging_util import satosa_logging
 from satosa.plugin_loader import load_backends, load_frontends, load_micro_services
 from satosa.response import Response
-from satosa.routing import ModuleRouter
+from satosa.routing import ModuleRouter, SATOSANoBoundEndpointError
 from satosa.state import cookie_to_state, SATOSAStateError, State, state_to_cookie
 
 __author__ = 'mathiashedstrom'
@@ -273,6 +273,8 @@ def run(self, context):
             spec = self.module_router.endpoint_routing(context)
             resp = self._run_bound_endpoint(context, spec)
             self._save_state(resp, context)
+        except SATOSANoBoundEndpointError:
+            raise
         except SATOSAError:
             satosa_logging(LOGGER, logging.ERROR, "Uncaught SATOSA error", context.state,
                            exc_info=True)

src/satosa/proxy_server.py

@@ -43,6 +43,10 @@ def run_server(self, environ, start_response, debug=False):
         if ".." in path:
             resp = Unauthorized()
             return resp(environ, start_response)
+        elif path == "":
+            resp = NotFound("Couldn't find the side you asked for!")
+            return resp(environ, start_response)
+
 
         context = Context()
         context.path = path

src/satosa/routing.py

@@ -136,8 +136,6 @@ def endpoint_routing(self, context):
 
         if backend in self.backends:
             context.target_backend = backend
-        else:
-            satosa_logging(LOGGER, logging.DEBUG, "Unknown backend %s" % backend, context.state)
 
         # Search for frontend endpoint
         for frontend in self.frontends.keys():
@@ -151,15 +149,19 @@ def endpoint_routing(self, context):
                     satosa_logging(LOGGER, logging.INFO, msg, context.state)
                     return spec
 
-        # Search for backend endpoint
-        for regex, spec in self.backends[backend]["endpoints"]:
-            match = re.search(regex, context.path)
-            if match is not None:
-                msg = "Backend request. Module name:'{name}', endpoint: {endpoint}".format(
-                    name=backend,
-                    endpoint=context.path)
-                satosa_logging(LOGGER, logging.INFO, msg, context.state)
-                return spec
-        satosa_logging(LOGGER, logging.DEBUG, "%s not bound to any function" % context.path,
-                       context.state)
+        if backend in self.backends:
+            # Search for backend endpoint
+            for regex, spec in self.backends[backend]["endpoints"]:
+                match = re.search(regex, context.path)
+                if match is not None:
+                    msg = "Backend request. Module name:'{name}', endpoint: {endpoint}".format(
+                        name=backend,
+                        endpoint=context.path)
+                    satosa_logging(LOGGER, logging.INFO, msg, context.state)
+                    return spec
+            satosa_logging(LOGGER, logging.DEBUG, "%s not bound to any function" % context.path,
+                           context.state)
+        else:
+            satosa_logging(LOGGER, logging.DEBUG, "Unknown backend %s" % backend, context.state)
+
         raise SATOSANoBoundEndpointError("'{}' not bound to any function".format(context.path))

tests/test_wsgi_flow.py

@@ -10,6 +10,7 @@
 import pytest
 from saml2 import BINDING_HTTP_REDIRECT, BINDING_HTTP_POST
 from saml2.config import SPConfig, IdPConfig
+from saml2.httputil import NotFound
 from werkzeug.test import Client
 from werkzeug.wrappers import BaseResponse
 
@@ -303,3 +304,10 @@ def test_flow(self):
 
         identity = resp.ava
         assert identity["displayName"][0] == "Test Testsson"
+
+    def test_unknown_request_path(self):
+        app = WsgiApplication(config=TestConfiguration.get_instance().proxy_config)
+        test_client = Client(app.run_server, BaseResponse)
+
+        resp = test_client.get('/unknown')
+        assert resp.status == NotFound._status