Bug 856364 - Improve error handling when OAuth credentials are missing from requests
Improve error handling when OAuth credentials are missing from requests
Status: MODIFIED
Product: CloudForms Cloud Engine
Classification: Red Hat
Component: imagefactory (Show other bugs)
1.0.0
Unspecified Unspecified
medium Severity low
: rc
: ---
Assigned To: nobody nobody
Rehana
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2012-09-11 17:43 EDT by Matt Wagner
Modified: 2015-08-02 20:02 EDT (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed:
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Matt Wagner 2012-09-11 17:43:07 EDT
Description of problem:
It seems fairly common for people to mistakenly set up Factory to use OAuth, but configure Conductor to not use it. The only indication of the problem in the logs is a vague stack trace. (Conductor does a poor job reporting this as well, but that's a separate bug.)


Version-Release number of selected component (if applicable):
imagefactory-1.1.1-1.fc16.noarch


How reproducible:
100%


Steps to Reproduce:
1. Set up Image Factory to use OAuth
2. Set up Conductor to not use OAuth when talking to Factory
3. Make some request, e.g., attempt to import an image ('img1' from mock)

  
Actual results:
This appears in the Factory log:

2012-09-11 17:35:10,236 ERROR imgfac.rest.imagefactory thread(worker 0) Message: 'NoneType' object has no attribute 'encode'
Traceback (most recent call last):
  File "/usr/lib/python2.7/site-packages/imgfac/rest/imagefactory.py", line 50, in validate_two_leg_oauth
    oauth_server.verify_request(req, oauth_consumer, None)
  File "/usr/lib/python2.7/site-packages/oauth2/__init__.py", line 712, in verify_request
    self._check_signature(request, consumer, token)
  File "/usr/lib/python2.7/site-packages/oauth2/__init__.py", line 765, in _check_signature
    valid = signature_method.check(request, consumer, token, signature)
  File "/usr/lib/python2.7/site-packages/oauth2/__init__.py", line 816, in check
    built = self.sign(request, consumer, token)
  File "/usr/lib/python2.7/site-packages/oauth2/__init__.py", line 841, in sign
    key, raw = self.signing_base(request, consumer, token)
  File "/usr/lib/python2.7/site-packages/oauth2/__init__.py", line 833, in signing_base
    key = '%s&' % escape(consumer.secret)
  File "/usr/lib/python2.7/site-packages/oauth2/__init__.py", line 158, in escape
    return urllib.quote(s.encode('utf-8'), safe='~')
AttributeError: 'NoneType' object has no attribute 'encode'



Expected results:
A readable message indicating that it rejected a request that had no OAuth token but is running with OAuth required.


Additional info:
Comment 2 Steve Loranz 2012-10-22 12:39:40 EDT
This was addressed back in July for imagefactory 2.0.

https://github.com/aeolusproject/imagefactory/commit/ec6349d0116c218e9175ec03a460180879068667

Note You need to log in before you can comment on or make changes to this bug.