raise and catch correct authenticate error

12 years ago · 3cce41e280
parent c59370eda0
commit 3cce41e280
2 changed files with 9 additions and 7 deletions
--- a/keystone/service.py
+++ b/keystone/service.py
@ -149,11 +149,14 @@ class TokenController(wsgi.Application):
            else:
                tenant_id = auth.get('tenantId', None)

-            (user_ref, tenant_ref, metadata_ref) = \
-                    self.identity_api.authenticate(context=context,
-                                                   user_id=user_id,
-                                                   password=password,
-                                                   tenant_id=tenant_id)
+            try:
+                (user_ref, tenant_ref, metadata_ref) = \
+                        self.identity_api.authenticate(context=context,
+                                                       user_id=user_id,
+                                                       password=password,
+                                                       tenant_id=tenant_id)
+            except AssertionError as e:
+                raise webob.exc.HTTPForbidden(e.message)
            token_ref = self.token_api.create_token(
                    context, token_id, dict(expires='',
                                            id=token_id,
--- a/tests/test_keystoneclient.py
+++ b/tests/test_keystoneclient.py
@ -212,8 +212,7 @@ class KcMasterTestCase(CompatTestCase):
        user = client.users.get(user.id)
        self.assertFalse(user.enabled)

-        # TODO(ja): test that you can't login
-        self.assertRaises(client_exceptions.Forbidden,
+        self.assertRaises(client_exceptions.AuthorizationFailure,
                  self._client,
                  username=test_username,
                  password='password')