Machines REST API fails to parse postman OAuth token

Bug #1816940 reported by Gabriel Ramirez
16
This bug affects 3 people
Affects Status Importance Assigned to Milestone
MAAS
Fix Released
Undecided
Unassigned

Bug Description

Requests from POSTman such as below:
===========
POST /MAAS/api/2.0/machines/?op=allocate HTTP/1.1
Host: maas:5240
Accept: application/json
Authorization: OAuth oauth_consumer_key="jZe4PnUS523Ak4GSRs",oauth_token="xHgZtadMnAtbmbUmrG",oauth_signature_method="PLAINTEXT",oauth_timestamp="1550709651",oauth_nonce="P4RdGbMpZ1I",oauth_version="1.0",oauth_signature="%26xqpapMX8bS6mnQknWcpVQz3WHWYUQdwN"
cache-control: no-cache
Postman-Token: 9371c223-7b5c-45ec-9638-7816e620fa95
===========

Fail b/c extract_oauth_key_from_auth_header() function in maasserver/api/utils.py is currently written to assume each OAuth parameter is separated by a comma and trailing whitespace, which is not the case for POSTman generated token

Related branches

Revision history for this message
Gabriel Ramirez (gabriel1109) wrote :
Changed in maas:
milestone: none → next
status: New → Fix Committed
Changed in maas:
milestone: next → 2.6.0rc1
Changed in maas:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.