Payload content type is only partially validated if a payload isn't specified

Hello John, per the API doc if the 'payload' is not specified, the 'payload_content_type' and 'payload_content_encoding' fields are ignored: https://github.com/cloudkeep/barbican/wiki/Application-Programming-Interface#two-step-binary-secret-createretrieve

So I think this 'functions as designed', but perhaps the API should me modified to reject attempts to set those attributes if 'payload' is not specified? Worth bringing up at summit?

I would agree that they are ignored as in they will not be used. However, that doesn't mean that if someone provides information that we shouldn't validate the information. It seems odd to fully validate some optional attributes, but not others.

I agree that if it's passed we should validate it (if only because that's easy for us to do and we essentially have to do it when we use it anyway).

John, is the response that you put as what's going on correct? shouldn't it be a 202?

Fix proposed to branch: master
Review: https://review.openstack.org/149570

Reviewed: https://review.openstack.org/149570
Committed: https://git.openstack.org/cgit/openstack/barbican/commit/?id=b4a785be1d5c7a6c43f4aa0ba65a7147aa161f37
Submitter: Jenkins
Branch: master

commit b4a785be1d5c7a6c43f4aa0ba65a7147aa161f37
Author: Juan Antonio Osorio Robles <email address hidden>
Date: Fri Jan 23 13:06:39 2015 +0200

    Fix content type validation if missing payload

    If no payload is provided, our API specifies that the payload's
    content type will be optional, but this doesn't mean that it will not
    be validated. This commit disables clients putting unsupported content
    types.

    Closes-Bug: #1376490
    Change-Id: I0836f30c8ea23eff515ff7d5f944f5cf85ebb5e8