Bug 488830 - checkAuthToken API returns unhandled exception for correct token
checkAuthToken API returns unhandled exception for correct token
Product: Red Hat Satellite 5
Classification: Red Hat
Component: API (Show other bugs)
All Linux
low Severity medium
: ---
: ---
Assigned To: Brad Buckingham
Sayli Karmarkar
Depends On:
Blocks: 456996
  Show dependency treegraph
Reported: 2009-03-05 16:14 EST by Sayli Karmarkar
Modified: 2015-03-22 21:09 EDT (History)
2 users (show)

See Also:
Fixed In Version: sat530
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2009-09-10 15:54:41 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Sayli Karmarkar 2009-03-05 16:14:49 EST
Description of problem:
server.auth.checkAuthToken("admin", key)
Traceback (most recent call last):
  File "<stdin>", line 1, in ?
  File "/usr/lib/python2.4/xmlrpclib.py", line 1096, in __call__
    return self.__send(self.__name, args)
  File "/usr/lib/python2.4/xmlrpclib.py", line 1383, in __request
  File "/usr/lib/python2.4/xmlrpclib.py", line 1147, in request
    return self._parse_response(h.getfile(), sock)
  File "/usr/lib/python2.4/xmlrpclib.py", line 1286, in _parse_response
    return u.close()
  File "/usr/lib/python2.4/xmlrpclib.py", line 744, in close
    raise Fault(**self._stack[0])
xmlrpclib.Fault: <Fault -1: 'redstone.xmlrpc.XmlRpcFault: unhandled internal exception: 28089x8fcfafa7ee0be302626480c9377766ae'>

How reproducible:

import xmlrpclib
server = xmlrpclib.Server("http://sat-url/rpc/api", verbose = 0)
key = server.auth.login("login", "password")
server.auth.checkAuthToken("login", key)
Actual results:
xmlrpclib.Fault: <Fault -1: 'redstone.xmlrpc.XmlRpcFault: unhandled internal exception: 28089x8fcfafa7ee0be302626480c9377766ae'>

Expected results:
No error
Comment 1 Brad Buckingham 2009-03-11 11:42:05 EDT
The session key returned by login() and the token validated by checkAuthToken() are different values.

I plan to update the API docs to make that clearer.

The auth token is currently only used for the Satellite-Cobbler interface; however, it could be used for other interfaces in the future.  The token is something that is created by Satellite and passed to Cobbler.
Comment 2 Brad Buckingham 2009-03-11 13:37:18 EDT
git commit: dd823002853b052036cb2e84600c06cd999faabc

After further discussion, we decided that since this API is not intended for use by users, the external API doc for it was removed.  With this change, the ./apidoc/handlers/AuthHandler.jsp will no longer include checkAuthToken.
Comment 3 Brad Buckingham 2009-03-17 17:17:46 EDT
mass move to ON_QA
Comment 4 Sayli Karmarkar 2009-03-18 16:03:05 EDT
Comment 5 John Sefler 2009-08-31 13:47:16 EDT
Verified on staged (Satellite-5.3.0-RHEL5-re20090724.0) with updates from Aug 20, 2009

Help|About > API > auth

Verified that method checkAuthToken() is not present in the api docs.

Comment 6 Brandon Perkins 2009-09-10 15:54:41 EDT
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.


Note You need to log in before you can comment on or make changes to this bug.