author | Matthieu Huin <mhuin@redhat.com> | 2022-05-12 14:49:06 +0200 |
---|---|---|
committer | Matthieu Huin <mhuin@redhat.com> | 2022-05-12 18:48:19 +0200 |
commit | 03878ee643c575c6df9ebc5fb49da6f7a204a81e (patch) | |
tree | 707ad44ff78bcb024a4010999cb8a8b52300f275 /tests | |
parent | 3010b7cca036532c334a1a010197bebc1d14ab71 (diff) | |
download | zuul-03878ee643c575c6df9ebc5fb49da6f7a204a81e.tar.gz |
Handle jwt decoding error, fix exception default messages
Using a badly formatted token resulted in an error 500 from zuul-web.
Return a more precise error message and an error 401 in zuul-web when
this occurs.
Also fix a typo in default messages for some auth-related exceptions.
Change-Id: I4abe013e76ac51c3dad7ccd969ffe79f5cb459e3
Diffstat (limited to 'tests')
-rw-r--r-- | tests/unit/test_web.py | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/tests/unit/test_web.py b/tests/unit/test_web.py
index 4b696534b..81861c916 100644
--- a/tests/unit/test_web.py
+++ b/tests/unit/test_web.py
@@ -1740,6 +1740,33 @@ class TestTenantScopedWebApi(BaseTestWeb):
 'pipeline': 'check'})
 self.assertEqual(401, resp.status_code)
 
+ def test_bad_format_JWT_token(self):
+ token = 'thisisnotwhatatokenshouldbelike'
+ resp = self.post_url(
+ "api/tenant/tenant-one/project/org/project/autohold",
+ headers={'Authorization': 'Bearer %s' % token},
+ json={'job': 'project-test1',
+ 'count': 1,
+ 'reason': 'because',
+ 'node_hold_expiration': 36000})
+ self.assertEqual(401, resp.status_code)
+ resp = self.post_url(
+ "api/tenant/tenant-one/project/org/project/enqueue",
+ headers={'Authorization': 'Bearer %s' % token},
+ json={'trigger': 'gerrit',
+ 'change': '2,1',
+ 'pipeline': 'check'})
+ self.assertEqual(401, resp.status_code)
+ resp = self.post_url(
+ "api/tenant/tenant-one/project/org/project/enqueue",
+ headers={'Authorization': 'Bearer %s' % token},
+ json={'trigger': 'gerrit',
+ 'ref': 'abcd',
+ 'newrev': 'aaaa',
+ 'oldrev': 'bbbb',
+ 'pipeline': 'check'})
+ self.assertEqual(401, resp.status_code)
+
 def test_expired_JWT_token(self):
 authz = {'iss': 'zuul_operator',
 'sub': 'testuser', |
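Review bot: test_bad_format_JWT_token asserts only `resp.status_code` after each of its three `post_url` calls, so the "more precise error message" promised in the commit description is never verified. A 401 with an empty or misleading body would still pass, so at least the first request should also assert on the error text in the response body; the field name has to come from the zuul-web handler, which is not visible in this tests-only diff. The test also covers a single malformed shape, a Bearer value with no dot-separated segments, and a docstring such as `"""A Bearer value that is not a parsable JWT must yield 401, never 500."""` would record that intent. The enclosing class TestTenantScopedWebApi starts before the hunk, and test_expired_JWT_token continues past its end.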