Never fatal.

Signed-off-by: Rick Elrod <[email protected]>

ansible_base/authentication/backend.py

@@ -37,7 +37,11 @@ def authenticate(self, request, *args, **kwargs):
         last_modified = None if last_modified_item is None else last_modified_item.get('modified')
 
         for authenticator_id, authenticator_object in get_authentication_backends(last_modified).items():
-            user = authenticator_object.authenticate(request, *args, **kwargs)
+            try:
+                user = authenticator_object.authenticate(request, *args, **kwargs)
+            except Exception:
+                logger.exception(f"Exception raised while trying to authenticate with {authenticator_object.database_instance.name}")
+                continue
 
             # Social Auth pipeline can return status string when update_user_claims fails (authentication maps deny access)
             if user == SOCIAL_AUTH_PIPELINE_FAILED_STATUS:

test_app/tests/authentication/test_backend.py

@@ -153,3 +153,18 @@ def test_authenticate(request, local_authenticator, github_enterprise_authentica
             expected = request.getfixturevalue(expected)
 
         assert auth_return == expected
+
+
+# Make the local authenticator authenticate method raise an exception
+@mock.patch('ansible_base.authentication.authenticator_plugins.local.AuthenticatorPlugin.authenticate', side_effect=Exception("eeekkkk"))
+def test_authentication_exception(expected_log, local_authenticator):
+    # Patch the backends to have the local authenticator in it
+    with mock.patch(
+        "ansible_base.authentication.backend.get_authentication_backends",
+        return_value={local_authenticator.id: local_authenticator},
+    ):
+        # We expect am exception
+        with pytest.raises(Exception):
+            # Expect the log we emit
+            with expected_log('ansible_base.authentication.backened', "exception", "Exception raised while trying to authenticate with"):
+                backend.AnsibleBaseAuth().authenticate(None)