Fix http 500 when no accept header passed to secret GET /payload

Update secrets controller to catch the situation where no Accept
http header value is passed (or a blank value is passed).

Default to application/octet-stream as the Accept: header is not
required.

Change-Id: Icb940df639fb98ee594e3a2b227ed3f753d28517
Closes-Bug: 1462681

barbican/api/controllers/secrets.py

@@ -127,7 +127,10 @@ class SecretController(controllers.ACLMixin):
         external_project_id = secret.project_assocs[0].projects.external_id
         project = res.get_or_create_project(external_project_id)
 
-        pecan.override_template('', pecan.request.accept.header_value)
+        # default to application/octet-stream if there is no Accept header
+        accept_header = getattr(pecan.request.accept, 'header_value',
+                                'application/octet-stream')
+        pecan.override_template('', accept_header)
 
         twsk = kwargs.get('trans_wrapped_session_key', None)
         transport_key = None
@@ -136,7 +139,7 @@ class SecretController(controllers.ACLMixin):
             transport_key = self._get_transport_key(
                 kwargs.get('transport_key_id', None))
 
-        return plugin.get_secret(pecan.request.accept.header_value,
+        return plugin.get_secret(accept_header,
                                  secret,
                                  project,
                                  twsk,

barbican/tests/api/controllers/test_secrets.py

@@ -280,6 +280,40 @@ class WhenGettingPuttingOrDeletingSecret(utils.BarbicanAPIBaseTestCase):
         self.assertEqual(200, get_resp.status_int)
         self.assertEqual(payload, get_resp.body)
 
+    def test_get_secret_payload_with_blank_accept_header(self):
+        payload = 'a very interesting string'
+        resp, secret_uuid = create_secret(
+            self.app,
+            payload=payload,
+            content_type='text/plain'
+        )
+
+        self.assertEqual(201, resp.status_int)
+
+        headers = {'Accept': ''}
+        get_resp = self.app.get(
+            '/secrets/{0}/payload'.format(secret_uuid), headers=headers
+        )
+        self.assertEqual(200, get_resp.status_int)
+        self.assertEqual(payload, get_resp.body)
+
+    def test_get_secret_payload_with_no_accept_header(self):
+        payload = 'a very interesting string'
+        resp, secret_uuid = create_secret(
+            self.app,
+            payload=payload,
+            content_type='text/plain'
+        )
+
+        self.assertEqual(201, resp.status_int)
+
+        headers = {}
+        get_resp = self.app.get(
+            '/secrets/{0}/payload'.format(secret_uuid), headers=headers
+        )
+        self.assertEqual(200, get_resp.status_int)
+        self.assertEqual(payload, get_resp.body)
+
     def test_get_secret_is_decoded_for_binary(self):
         payload = 'a123'
         resp, secret_uuid = create_secret(

functionaltests/api/v1/functional/test_secrets.py

@@ -180,6 +180,25 @@ class SecretsTestCase(base.TestCase):
         resp = self.behaviors.get_secret_metadata('not_a_uuid')
         self.assertEqual(resp.status_code, 404)
 
+    @testcase.attr('positive')
+    def test_secret_get_payload_no_accept_header(self):
+        """GET a secret payload, do not pass in accept header.
+
+        Should return a 200.
+        """
+        test_model = secret_models.SecretModel(
+            **self.default_secret_create_data)
+
+        resp, secret_ref = self.behaviors.create_secret(test_model)
+        self.assertEqual(resp.status_code, 201)
+
+        get_resp = self.behaviors.get_secret(
+            secret_ref,
+            payload_content_type='')
+        self.assertEqual(get_resp.status_code, 200)
+        self.assertIn(test_model.payload,
+                      binascii.b2a_base64(get_resp.content))
+
     @testcase.attr('negative')
     def test_secret_delete_doesnt_exist(self):
         """DELETE a non-existent secret.