fix(api/enhanced_account): token auth fail with different exception message #408

Merged
20 changes: 10 additions & 10 deletions src/api/bkuser_core/enhanced_account/authentication.py
Expand Up @@ -48,21 +48,24 @@ def get_token_from_query_params(self, request):
try:
return request.query_params[self.query_params_keyword]
except KeyError:
msg = "Invalid token header. No credentials provided."
msg = f"Invalid token header. No credentials provided. {self.query_params_keyword} is not in query params"
raise exceptions.AuthenticationFailed(msg)

def get_token_from_header(self, request):
auth = get_authorization_header(request).split()

if not auth or auth[0].lower() != self.keyword.lower().encode():
msg = "Invalid token header. No credentials provided."
msg = "Invalid token header. No credentials provided. The format should be `iBearer THE_TOKEN`"
raise exceptions.AuthenticationFailed(msg)

if len(auth) == 1:
msg = "Invalid token header. No credentials provided."
msg = "Invalid token header. No credentials provided. The size of auth array credentials is 0"
raise exceptions.AuthenticationFailed(msg)
elif len(auth) > 2:
msg = "Invalid token header. Token string should not contain spaces."
msg = (
"Invalid token header. Token string should not contain spaces. "
+ "The size of auth array credentials is more than 2"
)
raise exceptions.AuthenticationFailed(msg)

try:
Expand All @@ -74,11 +77,6 @@ def get_token_from_header(self, request):
return token

def authenticate(self, request):
for white_url in settings.AUTH_EXEMPT_PATHS:
if re.search(white_url, request.path):
logger.info("%s path in white_url<%s>, exempting auth", request.path, white_url)
return None, None

try:
token = self.get_token_from_query_params(request)
except exceptions.AuthenticationFailed:
Expand All @@ -92,7 +90,9 @@ def authenticate_credentials(self, key):
if key in settings.INTERNAL_AUTH_TOKENS:
user_info = settings.INTERNAL_AUTH_TOKENS[key]
return create_user(user_info["username"]), None
raise exceptions.AuthenticationFailed("request failed: Invalid token header. No credentials provided.")
raise exceptions.AuthenticationFailed(
"request failed: Invalid token header. No credentials provided or Wrong credentials."
)


class ESBOrAPIGatewayAuthentication(BaseAuthentication):
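Review bot: The new message in the first branch of get_token_from_header hard-codes `iBearer`, while the check directly above it compares against `self.keyword`, so the hint is wrong for any subclass or configuration that uses another keyword. Build it from the attribute instead, e.g. `msg = f"Invalid token header. No credentials provided. The format should be '{self.keyword} THE_TOKEN'"`. The `len(auth) == 1` branch reports a size of 0 although the list holds one element there (the keyword with no token after it), so wording such as `"Invalid token header. No credentials provided. The token is missing after the keyword"` would be accurate. If these are Django REST framework exceptions, as the names suggest, the text is returned to the unauthenticated caller in the 401 body. It is therefore worth limiting it to the expected header format and moving internal wording such as "auth array" to a server-side log line. The function's trailing `try:` block is cut off between the first and second hunks, so the rest of its body is not visible here.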