From 4c89134c632de11da52564f432483011a1cd0034 Mon Sep 17 00:00:00 2001 From: John Estabrook Date: Thu, 7 Apr 2022 11:58:29 -0500 Subject: http api: T4347: return complete and consistent error codes --- data/templates/https/nginx.default.tmpl | 13 ------------- src/services/vyos-http-api-server | 2 +- 2 files changed, 1 insertion(+), 14 deletions(-) diff --git a/data/templates/https/nginx.default.tmpl b/data/templates/https/nginx.default.tmpl index e8511bd62..a51505270 100644 --- a/data/templates/https/nginx.default.tmpl +++ b/data/templates/https/nginx.default.tmpl @@ -53,19 +53,6 @@ server { } error_page 497 =301 https://$host:{{ server.port }}$request_uri; - error_page 501 502 503 =200 @50*_json; - -{% if api_set %} - location @50*_json { - default_type application/json; - return 200 '{"error": "service https api unavailable at this proxy address: set service https api-restrict virtual-host"}'; - } -{% else %} - location @50*_json { - default_type application/json; - return 200 '{"error": "Start service in configuration mode: set service https api"}'; - } -{% endif %} } diff --git a/src/services/vyos-http-api-server b/src/services/vyos-http-api-server index 1000d8b72..c1b595412 100755 --- a/src/services/vyos-http-api-server +++ b/src/services/vyos-http-api-server @@ -352,7 +352,7 @@ class MultipartRoute(APIRoute): return error(e.status_code, e.detail) except Exception as e: if request.ERR_MISSING_KEY: - return error(422, "Valid API key is required") + return error(401, "Valid API key is required") if request.ERR_MISSING_DATA: return error(422, "Non-empty data field is required") if request.ERR_NOT_JSON: -- cgit v1.2.3 From 143621114e715eec996a2368011d7f559e89fa07 Mon Sep 17 00:00:00 2001 From: John Estabrook Date: Thu, 7 Apr 2022 14:57:44 -0500 Subject: smoketest: http: bind http api to unix domain socket --- smoketest/scripts/cli/test_service_https.py | 1 + 1 file changed, 1 insertion(+) diff --git a/smoketest/scripts/cli/test_service_https.py b/smoketest/scripts/cli/test_service_https.py index 2901cafa8..921344255 100755 --- a/smoketest/scripts/cli/test_service_https.py +++ b/smoketest/scripts/cli/test_service_https.py @@ -106,6 +106,7 @@ class TestHTTPSService(VyOSUnitTestSHIM.TestCase): port = '443' name = 'localhost' + self.cli_set(base_path + ['api', 'socket']) key = 'MySuperSecretVyOS' self.cli_set(base_path + ['api', 'keys', 'id', 'key-01', 'key', key]) -- cgit v1.2.3 From 84bfac85a711d22d97e1ee39a5233738e14a7750 Mon Sep 17 00:00:00 2001 From: John Estabrook Date: Thu, 7 Apr 2022 15:04:55 -0500 Subject: smoketest: http: add check for missing key --- smoketest/scripts/cli/test_service_https.py | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/smoketest/scripts/cli/test_service_https.py b/smoketest/scripts/cli/test_service_https.py index 921344255..9413d22d1 100755 --- a/smoketest/scripts/cli/test_service_https.py +++ b/smoketest/scripts/cli/test_service_https.py @@ -133,5 +133,10 @@ class TestHTTPSService(VyOSUnitTestSHIM.TestCase): # Must get HTTP code 401 on invalid key (Unauthorized) self.assertEqual(r.status_code, 401) + payload_no_key = {'data': '{"op": "showConfig", "path": []}'} + r = request('POST', url, verify=False, headers=headers, data=payload_no_key) + # Must get HTTP code 401 on missing key (Unauthorized) + self.assertEqual(r.status_code, 401) + if __name__ == '__main__': unittest.main(verbosity=2) -- cgit v1.2.3