Gracefully fallback from session-missing situation

This would also enable Microsoft Entra ID B2C's Edit Profile flow
rayluo · Jan 23, 2024 · e72d792 · e72d792
1 parent c53eadf
commit e72d792
Showing 1 changed file with 12 additions and 3 deletions.
diff --git a/identity/web.py b/identity/web.py
@@ -146,9 +146,18 @@ def complete_log_in(self, auth_response=None):
         """
         auth_flow = self._session.get(self._AUTH_FLOW, {})
         if not auth_flow:
-            raise ValueError(
-                "The web page with complete_log_in() "
-                "MUST be visited after the web page with log_in()")
+            logger.warning(
+                "We found no prior log_in() info from current session. "
+                "This situation may be caused by: "
+                "(1) Special scenarios such as returning from B2C's edit profile, "
+                "in which case you can simply ignore this warning, or "
+                "(2) sessions were all reset due to a recent server restart, "
+                "in which case you can simply restart a new log-in, or "
+                "(3) the session was stored on the file system of another server, "
+                "in which case you need to use either a centralized session store "
+                "or a load balancer with sticky session (a.k.a. affinity cookie). "
+            )
+            return {}  # Return a no-op for this non-actionable error
         cache = self._load_cache()
         if auth_response:  # Auth Code flow
             try: