From 556aa156979741292bde78425f413f9dee639b4f Mon Sep 17 00:00:00 2001 From: Brian Cline Date: Sun, 14 Feb 2016 04:55:42 -0600 Subject: [PATCH] Use correct content type on JSON responses Currently, in cases where swauth returns a JSON document as its body, it does not specify a content type, and swob defaults it to text/html. This change uses a standard content type of 'application/json' in each of these instances, and adjusts the tests accordingly. Closes-Bug: #1545430 APIImpact Change-Id: I96d343a87f462811bcefb7d402887f8a570fe6bd --- swauth/middleware.py | 36 +++++++++++++++++++++++++----------- test/unit/test_middleware.py | 24 ++++++++++++++++++++++++ 2 files changed, 49 insertions(+), 11 deletions(-) diff --git a/swauth/middleware.py b/swauth/middleware.py index 4ae1260..bd33b3f 100644 --- a/swauth/middleware.py +++ b/swauth/middleware.py @@ -60,6 +60,7 @@ from swauth import swift_version SWIFT_MIN_VERSION = "2.2.0" +CONTENT_TYPE_JSON = 'application/json' class Swauth(object): @@ -613,7 +614,8 @@ class Swauth(object): if container['name'][0] != '.': listing.append({'name': container['name']}) marker = sublisting[-1]['name'].encode('utf-8') - return Response(body=json.dumps({'accounts': listing})) + return Response(body=json.dumps({'accounts': listing}), + content_type=CONTENT_TYPE_JSON) def handle_get_account(self, req): """Handles the GET v2/ call for getting account information. @@ -669,8 +671,10 @@ class Swauth(object): if obj['name'][0] != '.': listing.append({'name': obj['name']}) marker = sublisting[-1]['name'].encode('utf-8') - return Response(body=json.dumps({'account_id': account_id, - 'services': services, 'users': listing})) + return Response(content_type=CONTENT_TYPE_JSON, + body=json.dumps({'account_id': account_id, + 'services': services, + 'users': listing})) def handle_set_services(self, req): """Handles the POST v2//.services call for setting services 
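Review bot: `CONTENT_TYPE_JSON` is added in the -60 hunk without a comment recording why every JSON response has to name its type explicitly. Going by the commit message, swob otherwise labels these bodies text/html, so a call site that forgets the argument silently regresses to that default. I would put `# Always pass this for JSON bodies; swob's default Content-Type is text/html.` on the line above the constant.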
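Review bot: The new `content_type=CONTENT_TYPE_JSON` on the account-listing return in the -613 hunk corrects the label, but nothing tells a client not to sniff the body, and this listing echoes stored names (`container['name']`) that `json.dumps` does not HTML-escape. Consider also passing `headers={'X-Content-Type-Options': 'nosniff'}` on this Response. The same applies to the user listing in the -669 hunk and the user document returned in the -1016 hunk. The enclosing function starts outside the hunk, so whether names are constrained at creation time cannot be seen from here.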
@@ -739,7 +743,8 @@ class Swauth(object): if resp.status_int // 100 != 2: raise Exception('Could not save .services object: %s %s' % (path, resp.status)) - return Response(request=req, body=services) + return Response(request=req, body=services, + content_type=CONTENT_TYPE_JSON) def handle_put_account(self, req): """Handles the PUT v2/ call for adding an account to the auth @@ -1016,7 +1021,7 @@ class Swauth(object): ('.reseller_admin' in display_groups and not self.is_super_admin(req)): return self.denied_response(req) - return Response(body=body) + return Response(body=body, content_type=CONTENT_TYPE_JSON) def handle_put_user(self, req): """Handles the PUT v2// call for adding a user to an @@ -1256,10 +1261,15 @@ class Swauth(object): key == self.super_admin_key: token = self.get_itoken(req.environ) url = '%s/%s.auth' % (self.dsc_url, self.reseller_prefix) - return Response(request=req, - body=json.dumps({'storage': {'default': 'local', 'local': url}}), - headers={'x-auth-token': token, 'x-storage-token': token, - 'x-storage-url': url}) + return Response( + request=req, + content_type=CONTENT_TYPE_JSON, + body=json.dumps({'storage': {'default': 'local', + 'local': url}}), + headers={'x-auth-token': token, + 'x-storage-token': token, + 'x-storage-url': url}) + # Authenticate user path = quote('/v1/%s/%s/%s' % (self.auth_account, account, user)) resp = self.make_pre_authed_request( @@ -1358,8 +1368,12 @@ class Swauth(object): (path, resp.status)) detail = json.loads(resp.body) url = detail['storage'][detail['storage']['default']] - return Response(request=req, body=resp.body, - headers={'x-auth-token': token, 'x-storage-token': token, + return Response( + request=req, + body=resp.body, + content_type=CONTENT_TYPE_JSON, + headers={'x-auth-token': token, + 'x-storage-token': token, 'x-auth-token-expires': str(int(expires - time())), 'x-storage-url': url}) diff --git a/test/unit/test_middleware.py b/test/unit/test_middleware.py index 9c93060..726994a 100644 
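Review bot: `Response(body=body, content_type=CONTENT_TYPE_JSON)` in the -1016 hunk returns a body that, judging by the test expectations later in this patch (`"auth": "plaintext:key"`), includes the user's stored credential string, and the response carries no caching directive. I would add `headers={'Cache-Control': 'no-store'}` here so that clients and intermediaries do not retain it. The token responses in the -1256 and -1358 hunks return `x-auth-token` in their headers and would benefit from the same entry in their existing `headers` dict. Where `body` is built lies outside this hunk, so its being valid JSON is assumed by the new label rather than checked.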
--- a/test/unit/test_middleware.py +++ b/test/unit/test_middleware.py @@ -26,6 +26,7 @@ from swauth.authtypes import MAX_TOKEN_LENGTH from swauth import middleware as auth +CONTENT_TYPE_JSON = 'application/json' DEFAULT_TOKEN_LIFE = 86400 MAX_TOKEN_LIFE = 100000 @@ -710,6 +711,7 @@ class TestAuth(unittest.TestCase): headers={'X-Auth-User': 'act:usr', 'X-Auth-Key': 'key'}).get_response(self.test_auth) self.assertEqual(resp.status_int, 200) + self.assertEqual(resp.content_type, CONTENT_TYPE_JSON) self.assertTrue(resp.headers.get('x-auth-token', '').startswith('AUTH_tk'), resp.headers.get('x-auth-token')) self.assertEqual(resp.headers.get('x-auth-token'), @@ -742,6 +744,7 @@ class TestAuth(unittest.TestCase): 'X-Auth-Key': 'key', 'X-Auth-Token-Lifetime': 10}).get_response(self.test_auth) self.assertEqual(resp.status_int, 200) + self.assertEqual(resp.content_type, CONTENT_TYPE_JSON) left = int(resp.headers['x-auth-token-expires']) self.assertTrue(left > 0, '%d > 0' % left) self.assertTrue(left <= 10, '%d <= 10' % left) @@ -779,6 +782,7 @@ class TestAuth(unittest.TestCase): 'X-Auth-Token-Lifetime': MAX_TOKEN_LIFE * 10}) resp = req.get_response(self.test_auth) self.assertEqual(resp.status_int, 200) + self.assertEqual(resp.content_type, CONTENT_TYPE_JSON) left = int(resp.headers['x-auth-token-expires']) self.assertTrue(left > DEFAULT_TOKEN_LIFE, '%d > %d' % (left, DEFAULT_TOKEN_LIFE)) @@ -815,6 +819,7 @@ class TestAuth(unittest.TestCase): headers={'X-Storage-User': 'usr', 'X-Storage-Pass': 'key'}).get_response(self.test_auth) self.assertEqual(resp.status_int, 200) + self.assertEqual(resp.content_type, CONTENT_TYPE_JSON) self.assertTrue(resp.headers.get('x-auth-token', '').startswith('AUTH_tk'), resp.headers.get('x-auth-token')) self.assertEqual(resp.headers.get('x-auth-token'), 
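Review bot: The test module re-declares `CONTENT_TYPE_JSON` in the -26 hunk instead of using `auth.CONTENT_TYPE_JSON`, and nothing says whether that is deliberate. If the intent is to pin the wire value independently of the middleware, a comment such as `# Re-declared on purpose: the tests pin the wire value, not the middleware constant.` would keep it from being deduplicated later. The assertions added in the following hunks all sit next to a 200 status check, so error responses that carry a body are not covered by this change.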
@@ -846,6 +851,7 @@ class TestAuth(unittest.TestCase): headers={'X-Storage-User': 'act:usr', 'X-Storage-Pass': 'key'}).get_response(self.test_auth) self.assertEqual(resp.status_int, 200) + self.assertEqual(resp.content_type, CONTENT_TYPE_JSON) self.assertTrue(resp.headers.get('x-auth-token', '').startswith('AUTH_tk'), resp.headers.get('x-auth-token')) self.assertEqual(resp.headers.get('x-auth-token'), @@ -877,6 +883,7 @@ class TestAuth(unittest.TestCase): headers={'X-Auth-User': 'act:usr', 'X-Auth-Key': 'key'}).get_response(self.test_auth) self.assertEqual(resp.status_int, 200) + self.assertEqual(resp.content_type, CONTENT_TYPE_JSON) self.assertTrue(resp.headers.get('x-auth-token', '').startswith('AUTH_tk'), resp.headers.get('x-auth-token')) self.assertEqual(resp.headers.get('x-auth-token'), @@ -907,6 +914,7 @@ class TestAuth(unittest.TestCase): headers={'X-Auth-User': 'act:usr', 'X-Auth-Key': 'key'}).get_response(self.test_auth) self.assertEqual(resp.status_int, 200) + self.assertEqual(resp.content_type, CONTENT_TYPE_JSON) self.assertEqual(resp.headers.get('x-auth-token'), 'AUTH_tktest') self.assertEqual(resp.headers.get('x-auth-token'), resp.headers.get('x-storage-token')) @@ -940,6 +948,7 @@ class TestAuth(unittest.TestCase): 'X-Auth-Key': 'key', 'X-Auth-New-Token': 'true'}).get_response(self.test_auth) self.assertEqual(resp.status_int, 200) + self.assertEqual(resp.content_type, CONTENT_TYPE_JSON) self.assertNotEqual(resp.headers.get('x-auth-token'), 'AUTH_tktest') self.assertEqual(resp.headers.get('x-auth-token'), resp.headers.get('x-storage-token')) @@ -977,6 +986,7 @@ class TestAuth(unittest.TestCase): headers={'X-Auth-User': 'act:usr', 'X-Auth-Key': 'key'}).get_response(self.test_auth) self.assertEqual(resp.status_int, 200) + self.assertEqual(resp.content_type, CONTENT_TYPE_JSON) self.assertNotEqual(resp.headers.get('x-auth-token'), 'AUTH_tktest') self.assertEqual(resp.headers.get('x-auth-token'), resp.headers.get('x-storage-token')) 
@@ -1014,6 +1024,7 @@ class TestAuth(unittest.TestCase): headers={'X-Auth-User': 'act:usr', 'X-Auth-Key': 'key'}).get_response(self.test_auth) self.assertEqual(resp.status_int, 200) + self.assertEqual(resp.content_type, CONTENT_TYPE_JSON) self.assertNotEqual(resp.headers.get('x-auth-token'), 'AUTH_tktest') self.assertEqual(resp.headers.get('x-auth-token'), resp.headers.get('x-storage-token')) @@ -1144,6 +1155,7 @@ class TestAuth(unittest.TestCase): 'X-Auth-Admin-Key': 'supertest'} ).get_response(self.test_auth) self.assertEqual(resp.status_int, 200) + self.assertEqual(resp.content_type, CONTENT_TYPE_JSON) self.assertEqual(json.loads(resp.body), {"accounts": [{"name": "act"}]}) self.assertEqual(self.test_auth.app.calls, 2) @@ -1165,6 +1177,7 @@ class TestAuth(unittest.TestCase): 'X-Auth-Admin-Key': 'key'} ).get_response(self.test_auth) self.assertEqual(resp.status_int, 200) + self.assertEqual(resp.content_type, CONTENT_TYPE_JSON) self.assertEqual(json.loads(resp.body), {"accounts": [{"name": "act"}]}) self.assertEqual(self.test_auth.app.calls, 3) @@ -1253,6 +1266,7 @@ class TestAuth(unittest.TestCase): 'X-Auth-Admin-Key': 'supertest'} ).get_response(self.test_auth) self.assertEqual(resp.status_int, 200) + self.assertEqual(resp.content_type, CONTENT_TYPE_JSON) self.assertEqual(json.loads(resp.body), {'account_id': 'AUTH_cfa', 'services': {'storage': @@ -1288,6 +1302,7 @@ class TestAuth(unittest.TestCase): 'X-Auth-Admin-Key': 'key'} ).get_response(self.test_auth) self.assertEqual(resp.status_int, 200) + self.assertEqual(resp.content_type, CONTENT_TYPE_JSON) self.assertEqual(json.loads(resp.body), {'account_id': 'AUTH_cfa', 'services': {'storage': 
@@ -1429,6 +1444,7 @@ class TestAuth(unittest.TestCase): body=json.dumps({'new_service': {'new_endpoint': 'new_value'}}) ).get_response(self.test_auth) self.assertEqual(resp.status_int, 200) + self.assertEqual(resp.content_type, CONTENT_TYPE_JSON) self.assertEqual(json.loads(resp.body), {'storage': {'default': 'local', 'local': 'http://127.0.0.1:8080/v1/AUTH_cfa'}, @@ -1449,6 +1465,7 @@ class TestAuth(unittest.TestCase): body=json.dumps({'storage': {'new_endpoint': 'new_value'}}) ).get_response(self.test_auth) self.assertEqual(resp.status_int, 200) + self.assertEqual(resp.content_type, CONTENT_TYPE_JSON) self.assertEqual(json.loads(resp.body), {'storage': {'default': 'local', 'local': 'http://127.0.0.1:8080/v1/AUTH_cfa', @@ -1469,6 +1486,7 @@ class TestAuth(unittest.TestCase): body=json.dumps({'storage': {'local': 'new_value'}}) ).get_response(self.test_auth) self.assertEqual(resp.status_int, 200) + self.assertEqual(resp.content_type, CONTENT_TYPE_JSON) self.assertEqual(json.loads(resp.body), {'storage': {'default': 'local', 'local': 'new_value'}}) @@ -2391,6 +2409,7 @@ class TestAuth(unittest.TestCase): 'X-Auth-Admin-Key': 'supertest'} ).get_response(self.test_auth) self.assertEqual(resp.status_int, 200) + self.assertEqual(resp.content_type, CONTENT_TYPE_JSON) self.assertEqual(resp.body, json.dumps( {"groups": [{"name": "act:usr"}, {"name": "act"}, {"name": ".admin"}], @@ -2441,6 +2460,7 @@ class TestAuth(unittest.TestCase): 'X-Auth-Admin-Key': 'supertest'} ).get_response(self.test_auth) self.assertEqual(resp.status_int, 200) + self.assertEqual(resp.content_type, CONTENT_TYPE_JSON) self.assertEqual(resp.body, json.dumps( {"groups": [{"name": ".admin"}, {"name": "act"}, {"name": "act:tester"}, {"name": "act:tester3"}]})) 
@@ -2479,6 +2499,7 @@ class TestAuth(unittest.TestCase): 'X-Auth-Admin-Key': 'supertest'} ).get_response(self.test_auth) self.assertEqual(resp.status_int, 200) + self.assertEqual(resp.content_type, CONTENT_TYPE_JSON) self.assertEqual(resp.body, json.dumps( {"groups": [{"name": ".admin"}, {"name": "act"}, {"name": "act:tester"}, {"name": "act:tester3"}]})) @@ -2535,6 +2556,7 @@ class TestAuth(unittest.TestCase): 'X-Auth-Admin-Key': 'key'} ).get_response(self.test_auth) self.assertEqual(resp.status_int, 200) + self.assertEqual(resp.content_type, CONTENT_TYPE_JSON) self.assertEqual(resp.body, json.dumps( {"groups": [{"name": "act:usr"}, {"name": "act"}], "auth": "plaintext:key"})) @@ -2610,6 +2632,7 @@ class TestAuth(unittest.TestCase): 'X-Auth-Admin-Key': 'supertest'} ).get_response(self.test_auth) self.assertEqual(resp.status_int, 200) + self.assertEqual(resp.content_type, CONTENT_TYPE_JSON) self.assertEqual(resp.body, json.dumps( {"groups": [{"name": "act:usr"}, {"name": "act"}, {"name": ".reseller_admin"}], @@ -3662,6 +3685,7 @@ class TestAuth(unittest.TestCase): headers={'X-Auth-User': sent_user, 'X-Auth-Key': sent_key}).get_response(self.test_auth) self.assertEqual(resp.status_int, 200) + self.assertEqual(resp.content_type, CONTENT_TYPE_JSON) self.assertTrue(resp.headers.get('x-auth-token', '').startswith('AUTH_tk'), resp.headers.get('x-auth-token')) self.assertEqual(resp.headers.get('x-auth-token'),