invalid authorization header value generates 500 response
Bug #1384440 reported by
clayg
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| OpenStack Object Storage (swift) |
Fix Released
|
Undecided
|
Unassigned | ||
Bug Description
tempauth does something like:
env['HTTP_
Which will fail like you'd expect.
Keystone's s3_token seems a bit smarter:
auth_header.split(' ')[-1]
and then that is wrapped in a try/except.
Revision history for this message
| clayg (clay-gerrard) wrote | #1 |
| Changed in swift: | |
| status: | New → Fix Released |
Revision history for this message
| Tim Burke (1-tim-z) wrote | #2 |
To post a comment you must log in.
so I went back to f595a7e70492c27
ubuntu@saio:~$ curl http://
* Trying 127.0.0.1...
* Connected to saio (127.0.0.1) port 8080 (#0)
> GET /v1/auth/v1.0 HTTP/1.1
> Host: saio:8080
> User-Agent: curl/7.47.0
> Accept: */*
> Authorization: monkies
>
< HTTP/1.1 500 Internal Error
< Content-Length: 17
< Content-Type: text/plain
< X-Trans-Id: txe7dff976d8584
< Date: Wed, 26 Jul 2017 22:04:10 GMT
<
* Connection #0 to host saio left intact
An error occurred
But it works now!
ubuntu@saio:~$ curl http://
* Trying 127.0.0.1...
* Connected to saio (127.0.0.1) port 8080 (#0)
> GET /v1/auth/v1.0 HTTP/1.1
> Host: saio:8080
> User-Agent: curl/7.47.0
> Accept: */*
> Authorization: monkies
>
< HTTP/1.1 401 Unauthorized
< Content-Length: 131
< Content-Type: text/html; charset=UTF-8
< Www-Authenticate: Swift realm="unknown"
< X-Trans-Id: txd60d71da4ebf4
< X-Openstack-
< Date: Wed, 26 Jul 2017 22:05:27 GMT
<
* Connection #0 to host saio left intact
<html><
I bet it all got fixed when timburke reworked the aws/swift3 stuff - but I'm not going to go check.
All greps for HTTP_AUTHORIZATION or just Authorization come up empty on common/middleware. There's something in tests related to AWS/swift3 but it seems to 401 correctly even if the Authorization header is bogus looking.