1252824 – [origin_devexp_555]The tip info is confusing when use invalid token to clone repo from origin-gitserver

Bug 1252824 - [origin_devexp_555]The tip info is confusing when use invalid token to clone repo from origin-gitserver

Summary: [origin_devexp_555]The tip info is confusing when use invalid token to clone ...

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	OKD
Classification:	Red Hat
Component:	Build
Sub Component:
Version:	3.x
Hardware:	Unspecified
OS:	Unspecified
Priority:	medium
Severity:	low
Target Milestone:	---
Target Release:	---
Assignee:	Cesar Wong
QA Contact:	Wenjing Zheng
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2015-08-12 09:58 UTC by DeShuai Ma
Modified:	2016-05-12 17:16 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2016-05-12 17:16:13 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Description DeShuai Ma 2015-08-12 09:58:35 UTC

Description of problem:
When use invalid token to clone repo from origin-gitserver, it always tip http 500 error, the tip info is confusing.

Version-Release number of selected component (if applicable):
openshift v1.0.4-184-gc5f08bc-dirty
kubernetes v1.1.0-alpha.0-1155-gb73c53c

How reproducible:
Always

Steps to Reproduce:
1.Config gitserver to use token to auth
$ cat examples/gitserver/gitserver.yaml
---skip---
- name: REQUIRE_SERVER_AUTH
  value: "-"

2.Deploy a private gitserver
$ oc create -f gitserver.yaml -n dma1

3.Input invalid token(password) to clone the repo from origin-gitserver
[fedora@ip-10-154-3-36 ruby-sample-build]$ git clone http://172.30.215.113:8080/test.git
Cloning into 'test'...
Username for 'http://172.30.215.113:8080': dma
Password for 'http://dma@172.30.215.113:8080': 
remote: the server has asked for the client to provide credentials (post subjectAccessReviews)
fatal: unable to access 'http://172.30.215.113:8080/test.git/': The requested URL returned error: 500

Actual results:
3. The tip info is error 500, it's confusing

Expected results:
3. It should tip Forbidden or the token is invalid.

Additional info:

Comment 1 Clayton Coleman 2015-08-21 02:52:53 UTC

Hrm - the default token should let us perform SARs.

Comment 2 DeShuai Ma 2015-09-11 07:00:23 UTC

On ose env, always fail with 500 error, even use correct token.
[root@openshift-106 gitserver]# git clone http://172.30.224.220:8080/test.git
Cloning into 'test'...
Username for 'http://172.30.224.220:8080': dma
Password for 'http://dma@172.30.224.220:8080': 
fatal: unable to access 'http://172.30.224.220:8080/test.git/': The requested URL returned error: 500

Comment 3 Cesar Wong 2015-11-19 19:08:09 UTC

PR https://github.com/openshift/origin/pull/5894

Comment 4 DeShuai Ma 2015-11-20 02:13:11 UTC

[fedora@ip-172-18-9-199 sample-app]$ openshift version
openshift v1.1-60-g0411059
kubernetes v1.1.0-origin-1107-g4c8e6f4
etcd 2.1.2

[fedora@ip-172-18-9-199 sample-app]$ git clone http://172.30.91.206:8080/test.git
Cloning into 'test'...
Username for 'http://172.30.91.206:8080': dma
Password for 'http://dma@172.30.91.206:8080': 
remote: the server has asked for the client to provide credentials (post localSubjectAccessReviews)
fatal: Authentication failed for 'http://172.30.91.206:8080/test.git/'

Note You need to log in before you can comment on or make changes to this bug.