tacker

Wrong http code returned when getting all vnf packages with malformed authorization token

Bug #1915119 reported by YaoYudie on 2021-02-09

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	tacker	In Progress	Medium	Yasufumi Ogawa

Bug Description

according to SOL013 v2.6.1 (clause 6.4 Common error situations), the API should return:
400 Bad Request: If the request contains a malformed access token, the API producer should respond with this response.
However, the API returns with http code 401

operation log:
root@ubuntu:~# curl -i -X GET http://172.22.39.3:9890/vnfpkgm/v1/vnf_packages -H "Content-type: application/json" -H "Authorization:Bearer QWxhZGRpbjpvcGVuIHNlc2FtZQ=="
HTTP/1.1 401 Unauthorized
Content-Type: application/json
Content-Length: 114
Www-Authenticate: Keystone uri="http://172.22.39.3/identity"
X-Openstack-Request-Id: req-99c71b24-aef8-46ce-9965-8ef8f3296b3d
Date: Fri, 12 Feb 2021 07:44:39 GMT

{"error": {"code": 401, "title": "Unauthorized", "message": "The request you have made requires authentication."}}root@ubuntu:~#
root@ubuntu:~#

See original description

YaoYudie (yaoyudie) on 2021-02-09

Changed in tacker:
assignee:	nobody → YaoYudie (yaoyudie)

Keiichiro Yamakawa (yamak16) on 2021-02-10

Changed in tacker:
assignee:	YaoYudie (yaoyudie) → nobody

YaoYudie (yaoyudie) on 2021-02-12

description:

updated

Yasufumi Ogawa (yasufum) on 2021-03-09

Changed in tacker:
importance:	Undecided → Medium

kexuesheng (kexuesheng) on 2021-05-10

Changed in tacker:
assignee:	nobody → kexuesheng (kexuesheng)

Revision history for this message

Yasufumi Ogawa (yasufum) wrote on 2021-08-02:

Any update?

kexuesheng (kexuesheng) on 2021-08-04

Changed in tacker:
assignee:	kexuesheng (kexuesheng) → nobody

Revision history for this message

Hiromu Asahina (h-asahina) wrote on 2021-09-22 (last edit on 2021-11-16):

I think this is not a Tacker issue, but a keystonemiddlware issue.
The error you mentioned is raised from the process_request method of keystonemiddlware.

https://github.com/openstack/keystonemiddleware/blob/90df936708aee36d77cead548d04cb7db2327f47/keystonemiddleware/auth_token/__init__.py#L680-L686

So, it's difficult to fix it unless changing the authentication flow of Tacker.

Yasufumi Ogawa (yasufum) on 2022-11-28

Changed in tacker:
assignee:	nobody → Yasufumi Ogawa (yasufum)
status:	New → In Progress

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.