Cleaning up

SURFscz · Jun 8, 2022 · db16a6d · db16a6d
1 parent 9726bd7
commit db16a6d
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 3 deletions.
diff --git a/server/api/mfa.py b/server/api/mfa.py
@@ -79,7 +79,6 @@ def _do_get2fa(schac_home_organisation, user_identifier):
     img.save(buffered, format="PNG")
     img_str = base64.b64encode(buffered.getvalue()).decode()
     idp_name = idp_display_name(schac_home_organisation, "en")
-    # hier ook ssid_required en sha en uid teruggeven
     return {"qr_code_base64": img_str, "secret": secret, "idp_name": idp_name}, 200
 
 
@@ -144,7 +143,6 @@ def get2fa_proxy_authz():
     user = User.query.filter(User.second_fa_uuid == second_fa_uuid).one()
     if user.second_factor_auth:
         return {}, 200
-    # hier ook ssid_required teruggeven
     return _do_get2fa(user.schac_home_organisation, user.uid)
 
 

diff --git a/server/api/user_saml.py b/server/api/user_saml.py
@@ -62,7 +62,8 @@ def _perform_sram_login(uid, home_organisation_uid, schac_home_organisation, iss
 
         # this is a configuration conflict and should never happen!
         if idp_allowed and ssid_required:
-            raise Exception(f"Both IdP-based MFA and SSID-based MFA configured for IdP '{schac_home_organisation}'")
+            raise InternalServerError("Both IdP-based MFA and SSID-based MFA configured "
+                                      f"for IdP '{schac_home_organisation}'")
 
         # if IdP-base MFA is set, we assume everything is handled by the IdP, and we skip all checks here
         # also skip if user has already recently performed MFA