From 70337682d97d13276ca17309505e55add1405d73 Mon Sep 17 00:00:00 2001
From: Sahid Orentino Ferdjaoui <sahid.ferdjaoui@industrialdiscipline.com>
Date: Tue, 6 Jun 2023 11:39:21 +0200
Subject: [PATCH] auth_token: fix issue when data in cache gets corrupted

Previously token cache was not correctly handling the case when data
in memcached is un-decryptable.
The cache process was returning a null value that was not considered
resulting a python exception raised

The commit fixes the issue by adding a condition to validate the value
returned.

Closes-bug: #2023015
Change-Id: Ic48d20569980781febc194083651736bed446953
Signed-off-by: Sahid Orentino Ferdjaoui <sahid.ferdjaoui@industrialdiscipline.com>
---
 keystonemiddleware/auth_token/_cache.py       |  4 ++++
 .../tests/unit/auth_token/test_cache.py       | 20 +++++++++++++++++++
 ...data-corrupted-issue-d1bd546625690581.yaml |  6 ++++++
 3 files changed, 30 insertions(+)
 create mode 100644 releasenotes/notes/fix-cache-data-corrupted-issue-d1bd546625690581.yaml

diff --git a/keystonemiddleware/auth_token/_cache.py b/keystonemiddleware/auth_token/_cache.py
index 8b9b178e..c2828b5e 100644
--- a/keystonemiddleware/auth_token/_cache.py
+++ b/keystonemiddleware/auth_token/_cache.py
@@ -239,6 +239,10 @@ class TokenCache(object):
             serialized = serialized.encode('utf8')
         data = self._deserialize(serialized, context)
 
+        if data is None:
+            # In case decryption fails, e.g. data corrupted in memcached.
+            return None
+
         if not isinstance(data, str):
             data = data.decode('utf-8')
 
diff --git a/keystonemiddleware/tests/unit/auth_token/test_cache.py b/keystonemiddleware/tests/unit/auth_token/test_cache.py
index d3e279bf..c6fcbcbf 100644
--- a/keystonemiddleware/tests/unit/auth_token/test_cache.py
+++ b/keystonemiddleware/tests/unit/auth_token/test_cache.py
@@ -13,6 +13,7 @@
 import uuid
 
 import fixtures
+from unittest import mock
 
 from keystonemiddleware.auth_token import _cache
 from keystonemiddleware.auth_token import _exceptions as exc
@@ -122,6 +123,25 @@ class TestLiveMemcache(base.BaseAuthTokenTestCase):
         token_cache.set(token, data)
         self.assertEqual(token_cache.get(token), data)
 
+    @mock.patch("keystonemiddleware.auth_token._memcache_crypt.unprotect_data")
+    def test_corrupted_cache_data(self, mocked_decrypt_data):
+        mocked_decrypt_data.side_effect = Exception("corrupted")
+
+        conf = {
+            'memcached_servers': ','.join(MEMCACHED_SERVERS),
+            'memcache_security_strategy': 'encrypt',
+            'memcache_secret_key': 'mysecret'
+        }
+
+        token = uuid.uuid4().hex.encode()
+        data = uuid.uuid4().hex
+
+        token_cache = self.create_simple_middleware(conf=conf)._token_cache
+        token_cache.initialize({})
+
+        token_cache.set(token, data)
+        self.assertIsNone(token_cache.get(token))
+
     def test_sign_cache_data(self):
         conf = {
             'memcached_servers': ','.join(MEMCACHED_SERVERS),
diff --git a/releasenotes/notes/fix-cache-data-corrupted-issue-d1bd546625690581.yaml b/releasenotes/notes/fix-cache-data-corrupted-issue-d1bd546625690581.yaml
new file mode 100644
index 00000000..bf504937
--- /dev/null
+++ b/releasenotes/notes/fix-cache-data-corrupted-issue-d1bd546625690581.yaml
@@ -0,0 +1,6 @@
+---
+fixes:
+  - |
+    In situation of encryption using memcached. Its possible that data
+    in memcached becomes un-decryptable. The previous implementation
+    of token cache was not correctly handling the case.