Merge "Clean the auth app after authentication failure"

2016-08-29 02:50:30 +00:00 · 2016-08-29 02:50:30 +00:00 · d2ad33f07c
commit d2ad33f07c
parent ad69a22eb5 228f4a6920
2 changed files with 32 additions and 0 deletions
--- a/zaqar/tests/unit/transport/websocket/v2/test_auth.py
+++ b/zaqar/tests/unit/transport/websocket/v2/test_auth.py
@ -136,6 +136,34 @@ class AuthTest(base.V2Base):
        self.assertIn('cancelled', repr(handle))
        self.assertNotIn('cancelled', repr(self.protocol._deauth_handle))

+    def test_reauth_after_auth_failure(self):
+        headers = self.headers.copy()
+        headers['X-Auth-Token'] = 'wrong_token'
+        req = json.dumps({'action': 'authenticate', 'headers': headers})
+
+        msg_mock = mock.patch.object(self.protocol, 'sendMessage')
+        self.addCleanup(msg_mock.stop)
+        msg_mock = msg_mock.start()
+        # after authenticate failure, the _auth_app will be  None and the
+        # request will raise 401 error.
+        self.protocol.onMessage(req, False)
+        self.protocol._auth_response('401 error', 'Failed')
+        resp = json.loads(msg_mock.call_args[0][0])
+
+        self.assertEqual(401, resp['headers']['status'])
+        self.assertEqual('authenticate', resp['request']['action'])
+        self.assertIsNone(self.protocol._auth_app)
+
+        # try to authenticate again, "onMessage" should not return 403 because
+        # that the _auth_app was cleaned after auth failure.
+        headers['X-Auth-Token'] = 'mytoken'
+        req = json.dumps({'action': 'authenticate', 'headers': headers})
+        self.protocol.onMessage(req, False)
+
+        self.protocol._auth_response('200 OK', 'authenticate success')
+        resp = json.loads(msg_mock.call_args[0][0])
+        self.assertEqual(200, resp['headers']['status'])
+
    @ddt.data(True, False)
    def test_auth_response_serialization_format(self, in_binary):
        dumps, loads, create_req = test_utils.get_pack_tools(binary=in_binary)
--- a/zaqar/transport/websocket/protocol.py
+++ b/zaqar/transport/websocket/protocol.py
@ -180,6 +180,10 @@ class MessagingProtocol(websocket.WebSocketServerProtocol):
        code = int(status.split()[0])
        req = self._handler.create_request({'action': 'authenticate'})
        if code != 200:
+            # NOTE(wangxiyuan): _auth_app should be cleaned up the after the
+            # authentication failure so that the client can be authenticated
+            # again.
+            self._auth_app = None
            body = {'error': 'Authentication failed.'}
            resp = self._handler.create_response(code, body, req)
            self._send_response(resp, self._auth_in_binary)