summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorZuul <zuul@review.openstack.org>2018-04-21 03:57:31 +0000
committerGerrit Code Review <review@openstack.org>2018-04-21 03:57:31 +0000
commit686f7a5b0b13a7ef4c7ce6721e6c9e601816ad45 (patch)
treedacae84e5010c17cdb156cbfe73d7fec4235cb41
parentcd919f5d1fa3864c3fb5a4b80cdf7723a2a95285 (diff)
parenta78a25ea23a940fcc510226a2dd33731d81fb213 (diff)
Merge "Double quote www_authenticate_uri"
-rw-r--r--keystonemiddleware/auth_token/__init__.py2
-rw-r--r--keystonemiddleware/tests/unit/auth_token/test_auth_token_middleware.py18
-rw-r--r--releasenotes/notes/bug-1762362-3d092b15c7bab3a4.yaml6
3 files changed, 16 insertions, 10 deletions
diff --git a/keystonemiddleware/auth_token/__init__.py b/keystonemiddleware/auth_token/__init__.py
index 09a7803..f0d2209 100644
--- a/keystonemiddleware/auth_token/__init__.py
+++ b/keystonemiddleware/auth_token/__init__.py
@@ -679,7 +679,7 @@ class AuthProtocol(BaseAuthProtocol):
679 679
680 @property 680 @property
681 def _reject_auth_headers(self): 681 def _reject_auth_headers(self):
682 header_val = 'Keystone uri=\'%s\'' % self._www_authenticate_uri 682 header_val = 'Keystone uri="%s"' % self._www_authenticate_uri
683 return [('WWW-Authenticate', header_val)] 683 return [('WWW-Authenticate', header_val)]
684 684
685 def _token_hashes(self, token): 685 def _token_hashes(self, token):
diff --git a/keystonemiddleware/tests/unit/auth_token/test_auth_token_middleware.py b/keystonemiddleware/tests/unit/auth_token/test_auth_token_middleware.py
index fdda195..2c30f4a 100644
--- a/keystonemiddleware/tests/unit/auth_token/test_auth_token_middleware.py
+++ b/keystonemiddleware/tests/unit/auth_token/test_auth_token_middleware.py
@@ -956,37 +956,37 @@ class CommonAuthTokenMiddlewareTest(object):
956 956
957 resp = self.call_middleware(headers={'X-Auth-Token': 'invalid-token'}, 957 resp = self.call_middleware(headers={'X-Auth-Token': 'invalid-token'},
958 expected_status=401) 958 expected_status=401)
959 self.assertEqual("Keystone uri='https://keystone.example.com:1234'", 959 self.assertEqual('Keystone uri="https://keystone.example.com:1234"',
960 resp.headers['WWW-Authenticate']) 960 resp.headers['WWW-Authenticate'])
961 961
962 def test_request_invalid_signed_token(self): 962 def test_request_invalid_signed_token(self):
963 token = self.examples.INVALID_SIGNED_TOKEN 963 token = self.examples.INVALID_SIGNED_TOKEN
964 resp = self.call_middleware(headers={'X-Auth-Token': token}, 964 resp = self.call_middleware(headers={'X-Auth-Token': token},
965 expected_status=401) 965 expected_status=401)
966 self.assertEqual("Keystone uri='https://keystone.example.com:1234'", 966 self.assertEqual('Keystone uri="https://keystone.example.com:1234"',
967 resp.headers['WWW-Authenticate']) 967 resp.headers['WWW-Authenticate'])
968 968
969 def test_request_invalid_signed_pkiz_token(self): 969 def test_request_invalid_signed_pkiz_token(self):
970 token = self.examples.INVALID_SIGNED_PKIZ_TOKEN 970 token = self.examples.INVALID_SIGNED_PKIZ_TOKEN
971 resp = self.call_middleware(headers={'X-Auth-Token': token}, 971 resp = self.call_middleware(headers={'X-Auth-Token': token},
972 expected_status=401) 972 expected_status=401)
973 self.assertEqual("Keystone uri='https://keystone.example.com:1234'", 973 self.assertEqual('Keystone uri="https://keystone.example.com:1234"',
974 resp.headers['WWW-Authenticate']) 974 resp.headers['WWW-Authenticate'])
975 975
976 def test_request_no_token(self): 976 def test_request_no_token(self):
977 resp = self.call_middleware(expected_status=401) 977 resp = self.call_middleware(expected_status=401)
978 self.assertEqual("Keystone uri='https://keystone.example.com:1234'", 978 self.assertEqual('Keystone uri="https://keystone.example.com:1234"',
979 resp.headers['WWW-Authenticate']) 979 resp.headers['WWW-Authenticate'])
980 980
981 def test_request_no_token_http(self): 981 def test_request_no_token_http(self):
982 resp = self.call_middleware(method='HEAD', expected_status=401) 982 resp = self.call_middleware(method='HEAD', expected_status=401)
983 self.assertEqual("Keystone uri='https://keystone.example.com:1234'", 983 self.assertEqual('Keystone uri="https://keystone.example.com:1234"',
984 resp.headers['WWW-Authenticate']) 984 resp.headers['WWW-Authenticate'])
985 985
986 def test_request_blank_token(self): 986 def test_request_blank_token(self):
987 resp = self.call_middleware(headers={'X-Auth-Token': ''}, 987 resp = self.call_middleware(headers={'X-Auth-Token': ''},
988 expected_status=401) 988 expected_status=401)
989 self.assertEqual("Keystone uri='https://keystone.example.com:1234'", 989 self.assertEqual('Keystone uri="https://keystone.example.com:1234"',
990 resp.headers['WWW-Authenticate']) 990 resp.headers['WWW-Authenticate'])
991 991
992 def _get_cached_token(self, token, mode='md5'): 992 def _get_cached_token(self, token, mode='md5'):
@@ -1126,7 +1126,7 @@ class CommonAuthTokenMiddlewareTest(object):
1126 self.assert_valid_last_url(token) 1126 self.assert_valid_last_url(token)
1127 else: 1127 else:
1128 self.assertEqual(401, resp.status_int) 1128 self.assertEqual(401, resp.status_int)
1129 msg = "Keystone uri='https://keystone.example.com:1234'" 1129 msg = 'Keystone uri="https://keystone.example.com:1234"'
1130 self.assertEqual(msg, resp.headers['WWW-Authenticate']) 1130 self.assertEqual(msg, resp.headers['WWW-Authenticate'])
1131 1131
1132 def test_uuid_bind_token_disabled_with_kerb_user(self): 1132 def test_uuid_bind_token_disabled_with_kerb_user(self):
@@ -1660,7 +1660,7 @@ class v2AuthTokenMiddlewareTest(BaseAuthTokenMiddlewareTest,
1660 """Unscoped requests with no default tenant ID should be rejected.""" 1660 """Unscoped requests with no default tenant ID should be rejected."""
1661 resp = self.call_middleware(headers={'X-Auth-Token': token}, 1661 resp = self.call_middleware(headers={'X-Auth-Token': token},
1662 expected_status=401) 1662 expected_status=401)
1663 self.assertEqual("Keystone uri='https://keystone.example.com:1234'", 1663 self.assertEqual('Keystone uri="https://keystone.example.com:1234"',
1664 resp.headers['WWW-Authenticate']) 1664 resp.headers['WWW-Authenticate'])
1665 1665
1666 def test_unscoped_uuid_token_receives_401(self): 1666 def test_unscoped_uuid_token_receives_401(self):
@@ -2030,7 +2030,7 @@ class DelayedAuthTests(BaseAuthTokenMiddlewareTest):
2030 resp = self.call(middleware, expected_status=401) 2030 resp = self.call(middleware, expected_status=401)
2031 self.assertEqual(six.b(body), resp.body) 2031 self.assertEqual(six.b(body), resp.body)
2032 2032
2033 self.assertEqual("Keystone uri='%s'" % www_authenticate_uri, 2033 self.assertEqual('Keystone uri="%s"' % www_authenticate_uri,
2034 resp.headers['WWW-Authenticate']) 2034 resp.headers['WWW-Authenticate'])
2035 2035
2036 def test_delayed_auth_values(self): 2036 def test_delayed_auth_values(self):
diff --git a/releasenotes/notes/bug-1762362-3d092b15c7bab3a4.yaml b/releasenotes/notes/bug-1762362-3d092b15c7bab3a4.yaml
new file mode 100644
index 0000000..16deea3
--- /dev/null
+++ b/releasenotes/notes/bug-1762362-3d092b15c7bab3a4.yaml
@@ -0,0 +1,6 @@
1---
2features:
3 - >
4 [`bug 1762362 <https://bugs.launchpad.net/keystonemiddleware/+bug/1762362>`_]
5 The value of the header "WWW-Authenticate" in a 401 (Unauthorized) response
6 now is double quoted to follow the RFC requirement.