Handle unauthorized exceptions in a custom handler

closes pulp#1254
lubosmj · Apr 11, 2023 · 8080e46 · 8080e46
1 parent 6534175
commit 8080e46
Show file tree

Hide file tree

Showing 4 changed files with 24 additions and 2 deletions.
diff --git a/CHANGES/1254.bugfix b/CHANGES/1254.bugfix
@@ -0,0 +1 @@
+Fixed a bug that disallowed users to configure custom authentication classes for the token server.
diff --git a/pulp_container/app/exceptions.py b/pulp_container/app/exceptions.py
@@ -1,4 +1,19 @@
-from rest_framework.exceptions import NotFound, ParseError
+from rest_framework import status, views
+from rest_framework.exceptions import (
+    AuthenticationFailed,
+    NotAuthenticated,
+    NotFound,
+    ParseError,
+)
+
+
+def unauthorized_exception_handler(exc, context):
+    response = views.exception_handler(exc, context)
+
+    if isinstance(exc, (AuthenticationFailed, NotAuthenticated)):
+        response.status_code = status.HTTP_401_UNAUTHORIZED
+
+    return response
 
 
 class RepositoryNotFound(NotFound):

diff --git a/pulp_container/app/registry_api.py b/pulp_container/app/registry_api.py
@@ -357,7 +357,6 @@ class BearerTokenView(APIView):
     """
 
     # Allow everyone to access but still value authenticated users.
-    authentication_classes = [BasicAuthentication]
     permission_classes = []
 
     def get(self, request):

diff --git a/pulp_container/app/settings.py b/pulp_container/app/settings.py
@@ -1,4 +1,11 @@
+from django.conf import settings
+
 DRF_ACCESS_POLICY = {
     "dynaconf_merge_unique": True,
     "reusable_conditions": ["pulp_container.app.global_access_conditions"],
 }
+
+REST_FRAMEWORK = settings.REST_FRAMEWORK
+REST_FRAMEWORK.update(
+    {"EXCEPTION_HANDLER": "pulp_container.app.exceptions.unauthorized_exception_handler"}
+)
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		Fixed a bug that disallowed users to configure custom authentication classes for the token server.