buffet: Handle authentication failures better
Previously the lack of an access token would raise a "list index out
of range" assertion, and cause a 500 response. This was causing buffet
to fail since it didn't realize it needed to reauthenticate.
TEST=test_that <ip_address> buffet_Registration
BUG=brillo:378
Change-Id: Ifdbc64c6a28cbedea7cd176b395666be975da71d
Reviewed-on: https://chromium-review.googlesource.com/254560
Reviewed-by: David Zeuthen <zeuthen@chromium.org>
Reviewed-by: Christopher Wiley <wiley@chromium.org>
Commit-Queue: Nathan Bullock <nathanbullock@google.com>
Tested-by: Nathan Bullock <nathanbullock@google.com>
diff --git a/client/common_lib/cros/fake_device_server/common_util.py b/client/common_lib/cros/fake_device_server/common_util.py
index 22cf3e7..d89fa86 100755
--- a/client/common_lib/cros/fake_device_server/common_util.py
+++ b/client/common_lib/cros/fake_device_server/common_util.py
@@ -37,8 +37,12 @@
if header is None:
logging.error('No authorization header found.')
return None
+ fields = header.split()
+ if len(fields) != 2 or fields[0] != "Bearer":
+ logging.error('No access token found.')
+ return None
logging.debug('Got authorization header "%s"', header)
- return header.split()[1]
+ return fields[1]
def parse_common_args(args_tuple, kwargs, supported_operations=set()):
diff --git a/client/common_lib/cros/fake_device_server/devices.py b/client/common_lib/cros/fake_device_server/devices.py
index 88a2fe3..d8c9965 100755
--- a/client/common_lib/cros/fake_device_server/devices.py
+++ b/client/common_lib/cros/fake_device_server/devices.py
@@ -158,6 +158,8 @@
"""
device_id, _, _ = common_util.parse_common_args(args, kwargs)
access_token = common_util.get_access_token()
+ if not access_token:
+ raise server_errors.HTTPError(401, 'Access denied.')
api_key = self._oauth.get_api_key_from_access_token(access_token)
data = common_util.parse_serialized_json()
self._validate_device_resource(data)
