vbatts/quay
Archived
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

v2: always send www-authn headers on unauthorized

Browse source 
Fixes #1254.
This commit is contained in:
Jimmy Zelinskie 2016-02-22 12:21:22 -05:00 committed by Joseph Schorr
parent 1b7d741e30
commit c7904db30d
2 changed files with 7 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
endpoints/v2/__init__.py
View file

@ -30,7 +30,10 @@ def handle_registry_v2_exception(error):
response = jsonify({
'errors': [error.as_dict()]
})
response.status_code = error.http_status_code
if response.status_code == 401:
response.headers.extend(get_auth_headers())
logger.debug('sending response: %s', response.get_data())
return response

5
test/registry_tests.py
View file

@ -1319,7 +1319,10 @@ class V2RegistryTests(V2RegistryPullMixin, V2RegistryPushMixin, RegistryTestsMix
self.assertEquals(len(data['tags']), 1)
# Try to get tags before a repo exists.
self.conduct('GET', '/v2/devtable/doesnotexist/tags/list', auth='jwt', expected_code=401)
response = self.conduct('GET', '/v2/devtable/doesnotexist/tags/list', auth='jwt', expected_code=401)
# Assert 401s to non-auth endpoints also get the WWW-Authenticate header.
self.assertIn('WWW-Authenticate', response.headers)
def test_one_five_blacklist(self):
self.conduct('GET', '/v2/', expected_code=404, user_agent='Go 1.1 package http')