Don't try to use SAML error strings as HTTPError codes in a ProviderException
ProviderException and the exceptions that inherit from it have an optional
code parameter, which we either don't set, set to a HTTP status code, or
pass a lasso error code to. We then try to use it as an HTTP status code
for the cherrypy HTTPError constructor. In the case of the lasso errors
(which are strings) that is very much wrong. Clear up the confusion by
having each exception class have an explicit HTTP status code to use with
the HTTPError constructor, and store the code parameter seperately.
Add a new UnauthorizedRequest exception that returns an HTTP 401. Change
the openid code to use that and InvalidRequest instead of raising
AuthenticationError with an HTTP status code.
Merges: #95
Signed-off-by: Howard Johnson <merlin@merlinthp.org>
Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>