MAAS

Merge ~ggouzi/maas:raise-base-request-missing-oauth-timestamp into maas:master

  1. Git
  2. lp:~ggouzi/maas
  3. raise-base-request-missing-oauth-timestamp
  4. Merge into master
Proposed by Gaetan Gouzi
Status: Merged
Approved by: Jack Lloyd-Walters
Approved revision: d9420f2caea1798402c807e73bf768d2e67e0d47
Merge reported by: MAAS Lander
Merged at revision: not available
Proposed branch: ~ggouzi/maas:raise-base-request-missing-oauth-timestamp
Merge into: maas:master
Diff against target: 77 lines (+32/-3)
2 files modified
src/maasserver/api/auth.py (+16/-2)
src/maasserver/api/tests/test_auth.py (+16/-1)
Reviewer Review Type Date Requested Status
Jack Lloyd-Walters Approve
MAAS Lander Approve
Review via email: mp+458852@code.launchpad.net

This proposal supersedes a proposal from 2024-01-04.

Commit message

Raise a HTTP 400 if `oauth_timestamp` is not set

To post a comment you must log in.
Revision history for this message
MAAS Lander (maas-lander) wrote : Posted in a previous version of this proposal

UNIT TESTS
-b raise-base-request-missing-oauth-timestamp lp:~ggouzi/maas/+git/maas into -b master lp:~maas-committers/maas

STATUS: FAILED
LOG: http://maas-ci.internal:8080/job/maas-tester/4318/console
COMMIT: 6f02b3ea54983414a4a7b819f2127edf9bca332e

review: Needs Fixing
Revision history for this message
Jack Lloyd-Walters (lloydwaltersj) wrote : Posted in a previous version of this proposal

Imports are incorrectly sorted, run the formatter to fix that.

review: Needs Fixing
Revision history for this message
MAAS Lander (maas-lander) wrote : Posted in a previous version of this proposal

UNIT TESTS
-b raise-base-request-missing-oauth-timestamp lp:~ggouzi/maas/+git/maas into -b master lp:~maas-committers/maas

STATUS: FAILED
LOG: http://maas-ci.internal:8080/job/maas-tester/4330/console
COMMIT: da2c594527e97482d3d9201e8ac98e72928a2010

review: Needs Fixing
Revision history for this message
Jack Lloyd-Walters (lloydwaltersj) wrote : Posted in a previous version of this proposal

ImportError: cannot import name 'OAuthBadRequest' from 'piston3.oauth' (/usr/lib/python3/dist-packages/piston3/oauth.py)

Revision history for this message
Gaetan Gouzi (ggouzi) wrote : Posted in a previous version of this proposal

> ImportError: cannot import name 'OAuthBadRequest' from 'piston3.oauth'
> (/usr/lib/python3/dist-packages/piston3/oauth.py)
My mistake, should have waited for https://code.launchpad.net/~ggouzi/django-piston3/+git/django-piston3/+merge/457993, where OAuthBadRequest is defined, to be merged

Revision history for this message
MAAS Lander (maas-lander) wrote : Posted in a previous version of this proposal

UNIT TESTS
-b raise-base-request-missing-oauth-timestamp lp:~ggouzi/maas/+git/maas into -b master lp:~maas-committers/maas

STATUS: FAILED
LOG: http://maas-ci.internal:8080/job/maas-tester/4344/console
COMMIT: 35e9b2a63f1371beef7576a401d6dab2d23ad9e9

review: Needs Fixing
Revision history for this message
Jack Lloyd-Walters (lloydwaltersj) wrote : Posted in a previous version of this proposal

jenkins: !test

Revision history for this message
Jack Lloyd-Walters (lloydwaltersj) wrote : Posted in a previous version of this proposal

I believe the piston changes have since landed, so let's request a re-test

Revision history for this message
MAAS Lander (maas-lander) wrote : Posted in a previous version of this proposal

UNIT TESTS
-b raise-base-request-missing-oauth-timestamp lp:~ggouzi/maas/+git/maas into -b master lp:~maas-committers/maas

STATUS: FAILED
LOG: http://maas-ci.internal:8080/job/maas-tester/4460/console
COMMIT: 35e9b2a63f1371beef7576a401d6dab2d23ad9e9

review: Needs Fixing
Revision history for this message
Gaetan Gouzi (ggouzi) : Posted in a previous version of this proposal
Revision history for this message
MAAS Lander (maas-lander) wrote :

UNIT TESTS
-b raise-base-request-missing-oauth-timestamp lp:~ggouzi/maas/+git/maas into -b master lp:~maas-committers/maas

STATUS: SUCCESS
COMMIT: d9420f2caea1798402c807e73bf768d2e67e0d47

review: Approve
Revision history for this message
Jack Lloyd-Walters (lloydwaltersj) :
review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/src/maasserver/api/auth.py b/src/maasserver/api/auth.py
2index 7d4b93e..e17527e 100644
3--- a/src/maasserver/api/auth.py
4+++ b/src/maasserver/api/auth.py
5@@ -7,10 +7,10 @@
6 from operator import xor
7
8 from piston3.authentication import OAuthAuthentication, send_oauth_error
9-from piston3.oauth import OAuthError
10+from piston3.oauth import OAuthError, OAuthMissingParam
11 from piston3.utils import rc
12
13-from maasserver.exceptions import Unauthorized
14+from maasserver.exceptions import MAASAPIBadRequest, Unauthorized
15 from maasserver.macaroon_auth import (
16 MacaroonAPIAuthentication,
17 validate_user_external_auth,
18@@ -18,6 +18,18 @@ from maasserver.macaroon_auth import (
19 from maasserver.models.user import SYSTEM_USERS
20
21
22+class OAuthBadRequest(MAASAPIBadRequest):
23+ """BadRequest error for OAuth signed requests with invalid parameters."""
24+
25+ def __init__(self, error):
26+ super().__init__()
27+ self.error = error
28+ self.error.message = f"Bad Request: {error.message}"
29+
30+ def __str__(self):
31+ return repr(self.error.message)
32+
33+
34 class OAuthUnauthorized(Unauthorized):
35 """Unauthorized error for OAuth signed requests with invalid tokens."""
36
37@@ -62,6 +74,8 @@ class MAASAPIAuthentication(OAuthAuthentication):
38 consumer, token, parameters = self.validate_token(request)
39 except OAuthError as error:
40 raise OAuthUnauthorized(error)
41+ except OAuthMissingParam as error:
42+ raise OAuthBadRequest(error)
43
44 if consumer and token:
45 user = token.user
46diff --git a/src/maasserver/api/tests/test_auth.py b/src/maasserver/api/tests/test_auth.py
47index b34a67f..0bfac82 100644
48--- a/src/maasserver/api/tests/test_auth.py
49+++ b/src/maasserver/api/tests/test_auth.py
50@@ -11,7 +11,11 @@ from django.contrib.auth.models import AnonymousUser
51 from piston3 import oauth
52
53 from maasserver.api import auth as api_auth
54-from maasserver.api.auth import MAASAPIAuthentication, OAuthUnauthorized
55+from maasserver.api.auth import (
56+ MAASAPIAuthentication,
57+ OAuthBadRequest,
58+ OAuthUnauthorized,
59+)
60 from maasserver.middleware import ExternalAuthInfo
61 from maasserver.secrets import SecretManager
62 from maasserver.testing.factory import factory
63@@ -164,3 +168,14 @@ class TestOAuthUnauthorized(MAASTestCase):
64 "Authorization Error: Invalid API key.",
65 str(maas_exception),
66 )
67+
68+
69+class TestOAuthBadRequest(MAASTestCase):
70+ def test_exception_unicode_includes_original_failure_message(self):
71+ error_msg = factory.make_name("error-message")
72+ original_exception = oauth.OAuthMissingParam(error_msg)
73+ maas_exception = OAuthBadRequest(original_exception)
74+ self.assertIn(
75+ f"Bad Request: {error_msg}",
76+ str(maas_exception),
77+ )

Subscribers

People subscribed via source and target branches