Handle empty scopes and always send the WWW-Authenticate header, as per spec

Fixes #1045
2015-12-09 15:07:37 -05:00 · 2015-12-09 15:07:37 -05:00 · ca7d36bf14
commit ca7d36bf14
parent c8f43ed08e
10 changed files with 47 additions and 41 deletions
--- a/test/registry_tests.py
+++ b/test/registry_tests.py
@ -1193,6 +1193,9 @@ class V1LoginTests(V1RegistryLoginMixin, LoginTests, RegistryTestCaseMixin, Base
 class V2LoginTests(V2RegistryLoginMixin, LoginTests, RegistryTestCaseMixin, BaseRegistryMixin, LiveServerTestCase):
  """ Tests for V2 login. """

+  def test_nouser_noscope(self):
+    self.do_login('', '', expected_code=401, scope='')
+
  def test_validuser_unknownrepo(self):
    self.do_login('devtable', 'password', expect_success=False,
                  scope='repository:invalidnamespace/simple:pull')
--- a/test/test_registry_v2_auth.py
+++ b/test/test_registry_v2_auth.py
@ -7,8 +7,8 @@ from cryptography.hazmat.primitives.asymmetric import rsa

 from app import app
 from endpoints.v2.v2auth import TOKEN_VALIDITY_LIFETIME_S, load_certificate_bytes, load_private_key
-from auth.jwt_auth import (identity_from_bearer_token, load_public_key, InvalidJWTException,
-                           build_context_and_subject, ANONYMOUS_SUB)
+from auth.registry_jwt_auth import (identity_from_bearer_token, load_public_key,
+                                    InvalidJWTException, build_context_and_subject, ANONYMOUS_SUB)
 from util.morecollections import AttrDict