diff --git a/backend/web/login/login.py b/backend/web/login/login.py
index afee0f8038ce3da8d09fee4f1610df3e2e8453df..12d4ff1aecaa1aa69fc960ff9033aa30b09006bf 100644
--- a/backend/web/login/login.py
+++ b/backend/web/login/login.py
@@ -338,11 +338,15 @@ def consent():
 except AttributeError:
 current_app.logger.error(f"Could not find app for client {client_id}")
 return redirect(
- consent_request.reject(
- error="No access",
- error_description="The user has no access for app",
- error_hint="Contact your administrator",
- status_code=401,
+ hydra_admin_api.reject_consent_request(
+ challenge,
+ # In previous versions of the hydra API client library, we
+ # could set these parameters, but that's no longer possible,
+ # not sure why.
+ # error="No access",
+ # error_description="The user has no access for app",
+ # error_hint="Contact your administrator",
+ # status_code=401,
 )
 )
@@ -359,11 +363,15 @@ def consent():
 # If there is no role in app_roles or the role_id for an app is null user has no permissions
 current_app.logger.error(f"User has no access for: {app_obj.name}")
 return redirect(
- consent_request.reject(
- error="No access",
- error_description="The user has no access for app",
- error_hint="Contact your administrator",
- status_code=401,
+ hydra_admin_api.reject_consent_request(
+ challenge,
+ # In previous versions of the hydra API client library, we
+ # could set these parameters, but that's no longer possible,
+ # not sure why.
+ # error="No access",
+ # error_description="The user has no access for app",
+ # error_hint="Contact your administrator",
+ # status_code=401,
 )
 )
 else:
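Review bot: In both rejection branches of consent() (the hunk at -338 and the one at -359), the value returned by `hydra_admin_api.reject_consent_request(challenge, ...)` is passed straight to `redirect()`, while the prelogout hunk of the same commit reads `.redirect_to` from the equivalent return value. If the reject call returns the same kind of response object, the deny path will not produce a valid redirect and likely needs `hydra_admin_api.reject_consent_request(challenge).redirect_to`. The commented-out `error=` / `error_description=` / `error_hint=` / `status_code=401` arguments marked "not sure why" should be resolved rather than committed: Hydra's reject endpoint accepts these fields in a request body, so check the installed client's reject-request model and pass them there; otherwise the client application gets a rejection with no reason and only the local `logger.error` line records why access was denied. If they really cannot be sent, replace the block with a single comment such as `# denial reason is only logged locally; the client receives Hydra's default rejection`. consent() begins and ends outside both hunks, so how `challenge` is obtained is not visible here.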
@@ -494,9 +502,9 @@ def prelogout():
 # Accept logout request and direct to hydra to remove cookies
 try:
- hydra_return = logout_request.accept(subject=logout_request.subject)
+ hydra_return = hydra_admin_api.accept_logout_request(challenge)
 if hydra_return:
- return redirect(hydra_return)
+ return redirect(hydra_return.redirect_to)
 except Exception as ex:
 current_app.logger.info("Error logging out hydra: %s", str(ex))
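Review bot: The `if hydra_return:` guard now tests the response object rather than the URL that is used, so it no longer protects `redirect()` from an empty or missing target; test the field itself, e.g. `if hydra_return and hydra_return.redirect_to:`. Because the enclosing `except Exception` logs at info level and continues, a failed `accept_logout_request` call or a missing attribute would presumably leave the Hydra session in place with no visible error, so `current_app.logger.exception("Error logging out hydra")` seems more appropriate for a failed logout. prelogout() starts and ends outside the hunk, so what happens after the except block and where `challenge` comes from are not visible here.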