Revision 11366070
b/docs/astakos-api-guide.rst | ||
---|---|---|
484 | 484 |
Return Code Description |
485 | 485 |
=========================== ===================== |
486 | 486 |
200 (OK) The request succeeded |
487 |
400 (Bad Request) Method not allowed or invalid request format or missing expected input |
|
487 |
400 (Bad Request) Method not allowed or invalid request format or missing expected input or not consistent tenantName
|
|
488 | 488 |
401 (Unauthorized) Invalid token or invalid creadentials or tenantName does not comply with the provided token |
489 | 489 |
500 (Internal Server Error) The request cannot be completed because of an internal error |
490 | 490 |
=========================== ===================== |
b/snf-astakos-app/astakos/api/tokens.py | ||
---|---|---|
68 | 68 |
token_id = req['auth']['passwordCredentials']['password'] |
69 | 69 |
uuid = req['auth']['passwordCredentials']['username'] |
70 | 70 |
except KeyError: |
71 |
raise faults.BadRequest('Malformed request') |
|
71 |
raise faults.BadRequest( |
|
72 |
'Malformed request: missing credentials') |
|
73 |
|
|
74 |
tenant = req['auth'].get('tenantName') |
|
72 | 75 |
|
73 | 76 |
if token_id is None: |
74 |
raise faults.BadRequest('Malformed request') |
|
77 |
raise faults.BadRequest('Malformed request: missing token')
|
|
75 | 78 |
|
76 | 79 |
try: |
77 | 80 |
user = AstakosUser.objects.get(auth_token=token_id) |
... | ... | |
84 | 87 |
if user.uuid != uuid: |
85 | 88 |
raise faults.Unauthorized('Invalid credentials') |
86 | 89 |
|
90 |
if tenant is not None: |
|
91 |
if user.uuid != tenant: |
|
92 |
raise faults.BadRequest('Not conforming tenantName') |
|
93 |
|
|
87 | 94 |
d["access"]["token"] = { |
88 | 95 |
"id": user.auth_token, |
89 | 96 |
"expires": utils.isoformat(user.auth_token_expires), |
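Review bot: The new tenant check (new lines 90-92) rejects a valid token presented for a different tenant with `faults.BadRequest('Not conforming tenantName')`, but the API guide's 401 row in this same commit still lists "tenantName does not comply with the provided token", so the documented and actual status codes disagree. A token/tenant mismatch is an authorization failure rather than a malformed request, so consider `raise faults.Unauthorized('Not conforming tenantName')`, which keeps it visible in auth-failure logging alongside the `'Invalid credentials'` case; otherwise drop the clause from the 401 row. Separately, `tenant = req['auth'].get('tenantName')` appears to sit after the `except KeyError` block, so a request whose `auth` value is not a JSON object would presumably raise AttributeError and surface as a 500 instead of a 400. The function begins and ends outside the visible hunks, so both points should be confirmed against the full body.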
b/snf-astakos-app/astakos/im/tests/api.py | ||
---|---|---|
462 | 462 |
r = client.post(url, post_data, content_type='application/json') |
463 | 463 |
self.assertEqual(r.status_code, 400) |
464 | 464 |
body = json.loads(r.content) |
465 |
self.assertEqual(body['badRequest']['message'],
|
|
466 |
'Malformed request')
|
|
465 |
self.assertTrue(body['badRequest']['message'].
|
|
466 |
startswith('Malformed request'))
|
|
467 | 467 |
|
468 | 468 |
# Check malformed request: missing username |
469 | 469 |
url = reverse('astakos.api.tokens.authenticate') |
... | ... | |
473 | 473 |
r = client.post(url, post_data, content_type='application/json') |
474 | 474 |
self.assertEqual(r.status_code, 400) |
475 | 475 |
body = json.loads(r.content) |
476 |
self.assertEqual(body['badRequest']['message'],
|
|
477 |
'Malformed request')
|
|
476 |
self.assertTrue(body['badRequest']['message'].
|
|
477 |
startswith('Malformed request'))
|
|
478 | 478 |
|
479 | 479 |
# Check invalid pass |
480 | 480 |
url = reverse('astakos.api.tokens.authenticate') |
... | ... | |
520 | 520 |
except Exception, e: |
521 | 521 |
self.fail(e) |
522 | 522 |
|
523 |
# Check malformed request: missing token |
|
524 |
url = reverse('astakos.api.tokens.authenticate') |
|
525 |
post_data = """{"auth":{"auth_token":{"id":"%s"}, |
|
526 |
"tenantName":"%s"}}""" % ( |
|
527 |
self.user1.auth_token, self.user1.uuid) |
|
528 |
r = client.post(url, post_data, content_type='application/json') |
|
529 |
self.assertEqual(r.status_code, 400) |
|
530 |
body = json.loads(r.content) |
|
531 |
self.assertTrue(body['badRequest']['message']. |
|
532 |
startswith('Malformed request')) |
|
533 |
|
|
534 |
# Check bad request: inconsistent tenant |
|
535 |
url = reverse('astakos.api.tokens.authenticate') |
|
536 |
post_data = """{"auth":{"token":{"id":"%s"}, |
|
537 |
"tenantName":"%s"}}""" % ( |
|
538 |
self.user1.auth_token, self.user2.uuid) |
|
539 |
r = client.post(url, post_data, content_type='application/json') |
|
540 |
self.assertEqual(r.status_code, 400) |
|
541 |
body = json.loads(r.content) |
|
542 |
self.assertEqual(body['badRequest']['message'], |
|
543 |
'Not conforming tenantName') |
|
544 |
|
|
523 | 545 |
# Check successful json response |
524 | 546 |
url = reverse('astakos.api.tokens.authenticate') |
525 | 547 |
post_data = """{"auth":{"passwordCredentials":{"username":"%s", |
... | ... | |
560 | 582 |
# body = minidom.parseString(r.content) |
561 | 583 |
# except Exception, e: |
562 | 584 |
# self.fail(e) |
563 |
|
|
564 |
# test public mode: json response |
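Review bot: The two existing malformed-request checks (new lines 465-466 and 476-477) were loosened from `assertEqual` to `startswith('Malformed request')`, so they can no longer tell the "missing credentials" path from the "missing token" path that tokens.py now reports separately. Asserting the exact text, e.g. `self.assertEqual(body['badRequest']['message'], 'Malformed request: missing token')` in the new missing-token case (523-532), would pin each request to the branch it is meant to exercise. The new tenant test covers a mismatch only through the `token` form; as far as the visible hunks show, there is no case for a mismatching `tenantName` sent with `passwordCredentials`, which passes through the same check and deserves a test. Parts of the test method are elided, so such a case may already exist elsewhere.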