Use server supplied error strings

The zuul-web server produces a wealth of information about token
auth errors, so in our error handling, if we recieve any such
information in the returned json doc, pass that on to the user.

The existing catch-all messages are retained as defaults.

Also, avoid printing double tracebacks on error.

Change-Id: I6a1f316c6bc380b36b31670ab495e81ac736f6e1
This commit is contained in:
James E. Blair 2023-10-25 10:44:44 -07:00
parent 92bbf8a165
commit 2b8132b406

View File

@ -90,16 +90,28 @@ class ZuulRESTClient(object):
def _check_request_status(self, req): def _check_request_status(self, req):
try: try:
req.raise_for_status() req.raise_for_status()
msg = None
except Exception as e: except Exception as e:
if req.status_code == 401: if req.status_code == 401:
raise ZuulRESTException( msg = \
'Unauthorized - your token might be invalid or expired.') 'Unauthorized - your token might be invalid or expired.'
elif req.status_code == 403: elif req.status_code == 403:
raise ZuulRESTException( msg = \
'Insufficient privileges to perform the action.') 'Insufficient privileges to perform the action.'
else: else:
raise ZuulRESTException( msg = \
'Unknown error code %s: "%s"' % (req.status_code, e)) 'Unknown error code %s: "%s"' % (req.status_code, e)
try:
doc = req.json()
msg = '%s: %s' % (doc['error'], doc['description'])
except Exception:
pass
# This is outside the above handler in order to suppress the
# original exception (this one will still have an appropriate
# traceback; we don't need both).
if msg:
raise ZuulRESTException(msg)
def _check_scope(self, tenant): def _check_scope(self, tenant):
scope = self.info.get("tenant", None) scope = self.info.get("tenant", None)