remove token from notifier middleware

notifier middleware is capturing token and sending it to MQ. this
is not advisable so we should filter it out.

Change-Id: Ia1bfa1bd24989681db1d2f385defc12e69a01f8d
Closes-Bug: #1321080
(cherry picked from commit 09281ccf78)
This commit is contained in:
Gordon Chung 2014-05-20 12:30:41 -04:00 committed by Zhi Kun Liu
parent 4c738572b2
commit 354a9f99d1
2 changed files with 10 additions and 3 deletions

View File

@ -68,7 +68,7 @@ class RequestNotifier(base.Middleware):
"""
return dict((k, v) for k, v in six.iteritems(environ)
if k.isupper())
if k.isupper() and k != 'HTTP_X_AUTH_TOKEN')
@log_and_ignore_error
def process_request(self, request):

View File

@ -14,6 +14,7 @@
# under the License.
import mock
import uuid
import webob
from openstack.common.middleware import notifier
@ -41,7 +42,8 @@ class NotifierMiddlewareTest(utils.BaseTestCase):
def test_notification(self):
middleware = notifier.RequestNotifier(FakeApp())
req = webob.Request.blank('/foo/bar',
environ={'REQUEST_METHOD': 'GET'})
environ={'REQUEST_METHOD': 'GET',
'HTTP_X_AUTH_TOKEN': uuid.uuid4()})
with mock.patch('openstack.common.notifier.api.notify') as notify:
middleware(req)
# Check first notification with only 'request'
@ -55,6 +57,7 @@ class NotifierMiddlewareTest(utils.BaseTestCase):
self.assertEqual(request['PATH_INFO'], '/foo/bar')
self.assertEqual(request['REQUEST_METHOD'], 'GET')
self.assertIn('HTTP_X_SERVICE_NAME', request)
self.assertNotIn('HTTP_X_AUTH_TOKEN', request)
self.assertFalse(any(map(lambda s: s.startswith('wsgi.'),
request.keys())),
"WSGI fields are filtered out")
@ -70,6 +73,7 @@ class NotifierMiddlewareTest(utils.BaseTestCase):
self.assertEqual(request['PATH_INFO'], '/foo/bar')
self.assertEqual(request['REQUEST_METHOD'], 'GET')
self.assertIn('HTTP_X_SERVICE_NAME', request)
self.assertNotIn('HTTP_X_AUTH_TOKEN', request)
self.assertFalse(any(map(lambda s: s.startswith('wsgi.'),
request.keys())),
"WSGI fields are filtered out")
@ -81,7 +85,8 @@ class NotifierMiddlewareTest(utils.BaseTestCase):
def test_notification_response_failure(self):
middleware = notifier.RequestNotifier(FakeFailingApp())
req = webob.Request.blank('/foo/bar',
environ={'REQUEST_METHOD': 'GET'})
environ={'REQUEST_METHOD': 'GET',
'HTTP_X_AUTH_TOKEN': uuid.uuid4()})
with mock.patch('openstack.common.notifier.api.notify') as notify:
try:
middleware(req)
@ -99,6 +104,7 @@ class NotifierMiddlewareTest(utils.BaseTestCase):
self.assertEqual(request['PATH_INFO'], '/foo/bar')
self.assertEqual(request['REQUEST_METHOD'], 'GET')
self.assertIn('HTTP_X_SERVICE_NAME', request)
self.assertNotIn('HTTP_X_AUTH_TOKEN', request)
self.assertFalse(any(map(lambda s: s.startswith('wsgi.'),
request.keys())),
"WSGI fields are filtered out")
@ -114,6 +120,7 @@ class NotifierMiddlewareTest(utils.BaseTestCase):
self.assertEqual(request['PATH_INFO'], '/foo/bar')
self.assertEqual(request['REQUEST_METHOD'], 'GET')
self.assertIn('HTTP_X_SERVICE_NAME', request)
self.assertNotIn('HTTP_X_AUTH_TOKEN', request)
self.assertFalse(any(map(lambda s: s.startswith('wsgi.'),
request.keys())),
"WSGI fields are filtered out")