Merge "Clean the auth app after authentication failure"
commit
d2ad33f07c
@ -136,6 +136,34 @@ class AuthTest(base.V2Base):
|
||||
self.assertIn('cancelled', repr(handle))
|
||||
self.assertNotIn('cancelled', repr(self.protocol._deauth_handle))
|
||||
|
||||
def test_reauth_after_auth_failure(self):
|
||||
headers = self.headers.copy()
|
||||
headers['X-Auth-Token'] = 'wrong_token'
|
||||
req = json.dumps({'action': 'authenticate', 'headers': headers})
|
||||
|
||||
msg_mock = mock.patch.object(self.protocol, 'sendMessage')
|
||||
self.addCleanup(msg_mock.stop)
|
||||
msg_mock = msg_mock.start()
|
||||
# after authenticate failure, the _auth_app will be None and the
|
||||
# request will raise 401 error.
|
||||
self.protocol.onMessage(req, False)
|
||||
self.protocol._auth_response('401 error', 'Failed')
|
||||
resp = json.loads(msg_mock.call_args[0][0])
|
||||
|
||||
self.assertEqual(401, resp['headers']['status'])
|
||||
self.assertEqual('authenticate', resp['request']['action'])
|
||||
self.assertIsNone(self.protocol._auth_app)
|
||||
|
||||
# try to authenticate again, "onMessage" should not return 403 because
|
||||
# that the _auth_app was cleaned after auth failure.
|
||||
headers['X-Auth-Token'] = 'mytoken'
|
||||
req = json.dumps({'action': 'authenticate', 'headers': headers})
|
||||
self.protocol.onMessage(req, False)
|
||||
|
||||
self.protocol._auth_response('200 OK', 'authenticate success')
|
||||
resp = json.loads(msg_mock.call_args[0][0])
|
||||
self.assertEqual(200, resp['headers']['status'])
|
||||
|
||||
@ddt.data(True, False)
|
||||
def test_auth_response_serialization_format(self, in_binary):
|
||||
dumps, loads, create_req = test_utils.get_pack_tools(binary=in_binary)
|
||||
|
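Review bot: The second half of `test_reauth_after_auth_failure` never checks what the retry `self.protocol.onMessage(req, False)` actually does. The test calls `_auth_response('200 OK', ...)` itself, and `msg_mock.call_args` holds only the last `sendMessage` call, so a 403 sent by `onMessage` on the retry would be overwritten and the final `assertEqual(200, ...)` would still pass. Only `self.assertIsNone(self.protocol._auth_app)` ties the test to the fix. Right after the second `onMessage` call, consider adding `self.assertIsNotNone(self.protocol._auth_app)` (this assumes `onMessage` sets it when an authenticate request is accepted, which should be confirmed), or call `msg_mock.reset_mock()` before the retry and assert that no response with status 403 was sent. The neighbouring test methods start and end outside this hunk.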
@ -180,6 +180,10 @@ class MessagingProtocol(websocket.WebSocketServerProtocol):
|
||||
code = int(status.split()[0])
|
||||
req = self._handler.create_request({'action': 'authenticate'})
|
||||
if code != 200:
|
||||
# NOTE(wangxiyuan): _auth_app should be cleaned up the after the
|
||||
# authentication failure so that the client can be authenticated
|
||||
# again.
|
||||
self._auth_app = None
|
||||
body = {'error': 'Authentication failed.'}
|
||||
resp = self._handler.create_response(code, body, req)
|
||||
self._send_response(resp, self._auth_in_binary)
|
||||
|
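Review bot: Resetting `self._auth_app = None` in the `code != 200` branch lets a client retry authentication on the same connection without limit, and nothing in this hunk records the failure. If throttling is not done elsewhere (not visible here), consider keeping a per-connection count of consecutive failures, closing the connection once a small cap is reached, and logging each failed attempt so repeated token guessing shows up in monitoring. The NOTE comment also has a stray word; suggested wording: `# NOTE(wangxiyuan): _auth_app should be cleaned up after an authentication failure so that the client can authenticate again.` The enclosing method starts above the hunk, so how `status` is validated before `int(status.split()[0])` cannot be judged from here.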