This repository has been archived by the owner on Nov 8, 2022. It is now read-only.

Fixed #1660: better not authorized handling for API V2
candysmurf committed Jun 12, 2017
1 parent bf900bd commit af2daf2
Showing 4 changed files with 64 additions and 29 deletions.
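--- a/mgmt/rest/server.go
+++ b/mgmt/rest/server.go
@@ -174,7 +174,7 @@ func (s *Server) authMiddleware(rw http.ResponseWriter, r *http.Request, next ht
 if ok && password == s.authpwd {
 next(rw, r)
 } else {
-http.Error(rw, "Not Authorized", 401)
+v2.Write(401, v2.UnauthError{Code: 401, Message: "Not authorized. Please specify the same password that used to start snapteld. E.g: [snaptel -p plugin list] or [curl http://localhost:8181/v2/plugins -u snap]"}, rw)
 }
 } else {
 next(rw, r)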
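Review bot: The rewritten else-branch sends the 401 without any visible `WWW-Authenticate` challenge, which RFC 7235 requires on a 401 response; unless `v2.Write` sets it, add `rw.Header().Set("WWW-Authenticate", "Basic realm=\"<realm>\"")` before the write (the `-u` hint in the message suggests Basic auth; `<realm>` is a placeholder). The unchanged guard above it compares with `password == s.authpwd`, which is not constant-time; `subtle.ConstantTimeCompare([]byte(password), []byte(s.authpwd)) == 1` from `crypto/subtle` avoids revealing how many leading bytes matched. The literal `401` appears twice and would read better as `http.StatusUnauthorized`, and the message has a typo ("that used" should be "that was used"). `authMiddleware` begins and ends outside this hunk, so whether non-v2 routes also pass through it and now receive the v2-shaped body cannot be confirmed here.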
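--- a/mgmt/rest/v2/api.go
+++ b/mgmt/rest/v2/api.go
@@ -69,7 +69,7 @@ func (s *apiV2) GetRoutes() []api.Route {
 //
 // Responses:
 // 200: PluginsResponse
-// 401: ErrorResponse
+// 401: UnauthResponse
 api.Route{Method: "GET", Path: prefix + "/plugins", Handle: s.getPlugins},
 // swagger:route GET /plugins/{ptype}/{pname}/{pversion} plugins getPlugin
 //
@@ -87,7 +87,7 @@ func (s *apiV2) GetRoutes() []api.Route {
 // 400: ErrorResponse
 // 404: ErrorResponse
 // 500: ErrorResponse
-// 401: ErrorResponse
+// 401: UnauthResponse
 api.Route{Method: "GET", Path: prefix + "/plugins/:type/:name/:version", Handle: s.getPlugin},
 // swagger:route POST /plugins plugins loadPlugin
 //
@@ -109,7 +109,7 @@ func (s *apiV2) GetRoutes() []api.Route {
 // 409: ErrorResponse
 // 415: ErrorResponse
 // 500: ErrorResponse
-// 401: ErrorResponse
+// 401: UnauthResponse
 api.Route{Method: "POST", Path: prefix + "/plugins", Handle: s.loadPlugin},
 // swagger:route DELETE /plugins/{ptype}/{pname}/{pversion} plugins unloadPlugin
 //
@@ -128,7 +128,7 @@ func (s *apiV2) GetRoutes() []api.Route {
 // 404: ErrorResponse
 // 409: ErrorResponse
 // 500: ErrorResponse
-// 401: ErrorResponse
+// 401: UnauthResponse
 api.Route{Method: "DELETE", Path: prefix + "/plugins/:type/:name/:version", Handle: s.unloadPlugin},
 // swagger:route GET /plugins/{ptype}/{pname}/{pversion}/config plugins getPluginConfigItem
 //
@@ -144,7 +144,7 @@ func (s *apiV2) GetRoutes() []api.Route {
 // Responses:
 // 200: PluginConfigResponse
 // 400: ErrorResponse
-// 401: ErrorResponse
+// 401: UnauthResponse
 api.Route{Method: "GET", Path: prefix + "/plugins/:type/:name/:version/config", Handle: s.getPluginConfigItem},
 // swagger:route PUT /plugins/{ptype}/{pname}/{pversion}/config plugins setPluginConfigItem
 //
@@ -163,7 +163,7 @@ func (s *apiV2) GetRoutes() []api.Route {
 // Responses:
 // 200: PluginConfigResponse
 // 400: ErrorResponse
-// 401: ErrorResponse
+// 401: UnauthResponse
 api.Route{Method: "PUT", Path: prefix + "/plugins/:type/:name/:version/config", Handle: s.setPluginConfigItem},
 // swagger:route DELETE /plugins/{ptype}/{pname}/{pversion}/config plugins deletePluginConfigItem
 //
@@ -182,7 +182,7 @@ func (s *apiV2) GetRoutes() []api.Route {
 // Responses:
 // 200: PluginConfigResponse
 // 400: ErrorResponse
-// 401: ErrorResponse
+// 401: UnauthResponse
 api.Route{Method: "DELETE", Path: prefix + "/plugins/:type/:name/:version/config", Handle: s.deletePluginConfigItem},
 // swagger:route GET /metrics plugins getMetrics
 //
@@ -199,7 +199,7 @@ func (s *apiV2) GetRoutes() []api.Route {
 // 200: MetricsResponse
 // 404: ErrorResponse
 // 500: ErrorResponse
-// 401: ErrorResponse
+// 401: UnauthResponse
 api.Route{Method: "GET", Path: prefix + "/metrics", Handle: s.getMetrics},
 // swagger:route GET /tasks tasks getTasks
 //
@@ -214,7 +214,7 @@ func (s *apiV2) GetRoutes() []api.Route {
 //
 // Responses:
 // 200: TasksResponse
-// 401: ErrorResponse
+// 401: UnauthResponse
 api.Route{Method: "GET", Path: prefix + "/tasks", Handle: s.getTasks},
 // swagger:route GET /tasks/{id} tasks getTask
 //
@@ -230,7 +230,7 @@ func (s *apiV2) GetRoutes() []api.Route {
 // Responses:
 // 200: TaskResponse
 // 404: ErrorResponse
-// 401: ErrorResponse
+// 401: UnauthResponse
 api.Route{Method: "GET", Path: prefix + "/tasks/:id", Handle: s.getTask},
 // swagger:route GET /tasks/{id}/watch tasks watchTask
 //
@@ -247,7 +247,7 @@ func (s *apiV2) GetRoutes() []api.Route {
 // 200: TaskWatchResponse
 // 404: ErrorResponse
 // 500: ErrorResponse
-// 401: ErrorResponse
+// 401: UnauthResponse
 api.Route{Method: "GET", Path: prefix + "/tasks/:id/watch", Handle: s.watchTask},
 // swagger:route POST /tasks tasks addTask
 //
@@ -266,7 +266,7 @@ func (s *apiV2) GetRoutes() []api.Route {
 // Responses:
 // 201: TaskResponse
 // 500: ErrorResponse
-// 401: ErrorResponse
+// 401: UnauthResponse
 api.Route{Method: "POST", Path: prefix + "/tasks", Handle: s.addTask},
 // swagger:route PUT /tasks/{id} tasks updateTaskState
 //
@@ -287,7 +287,7 @@ func (s *apiV2) GetRoutes() []api.Route {
 // 400: ErrorResponse
 // 409: ErrorResponse
 // 500: ErrorResponse
-// 401: ErrorResponse
+// 401: UnauthResponse
 api.Route{Method: "PUT", Path: prefix + "/tasks/:id", Handle: s.updateTaskState},
 // swagger:route DELETE /tasks/{id} tasks removeTask
 //
@@ -304,7 +304,7 @@ func (s *apiV2) GetRoutes() []api.Route {
 // 204: TaskResponse
 // 404: ErrorResponse
 // 500: TaskErrorResponse
-// 401: ErrorResponse
+// 401: UnauthResponse
 api.Route{Method: "DELETE", Path: prefix + "/tasks/:id", Handle: s.removeTask},
 }
 return routes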
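--- a/mgmt/rest/v2/error.go
+++ b/mgmt/rest/v2/error.go
@@ -50,6 +50,19 @@ type ErrorResponse struct {
 SnapError Error `json: "snap_error"`
 }
 
+// UnauthResponse returns Unauthorized error struct message.
+// swagger:response UnauthResponse
+type UnauthResponse struct {
+// in:body
+Unauth UnauthError `json:"unauth"`
+}
+
+// UnauthError defines the error type of an unauthorized response.
+type UnauthError struct {
+Code int `json:"code"`
+Message string `json:"message"`
+}
+
 // Unsuccessful generic response to a failed API call
 type Error struct {
 ErrorMessage string `json:"message"`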
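Review bot: The context line at the top of this hunk still carries the tag `json: "snap_error"` with a space after the colon, which `reflect.StructTag` cannot parse, so `encoding/json` would fall back to the field name `SnapError`; the tag should read `json:"snap_error"`, matching the well-formed `json:"unauth"` added below (`ErrorResponse` begins outside the hunk). The new doc comments could also say what is on the wire: server.go writes a bare `UnauthError`, so a comment such as `// UnauthResponse documents the 401 body for swagger; the response itself is the UnauthError object.` would keep readers from expecting an `unauth` wrapper key.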
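--- a/swagger.json
+++ b/swagger.json
@@ -63,7 +63,7 @@
 "$ref": "#/responses/MetricsResponse"
 },
 "401": {
-"$ref": "#/responses/ErrorResponse"
+"$ref": "#/responses/UnauthResponse"
 },
 "404": {
 "$ref": "#/responses/ErrorResponse"
@@ -119,7 +119,7 @@
 "$ref": "#/responses/PluginsResponse"
 },
 "401": {
-"$ref": "#/responses/ErrorResponse"
+"$ref": "#/responses/UnauthResponse"
 }
 }
 },
@@ -157,7 +157,7 @@
 "$ref": "#/responses/ErrorResponse"
 },
 "401": {
-"$ref": "#/responses/ErrorResponse"
+"$ref": "#/responses/UnauthResponse"
 },
 "409": {
 "$ref": "#/responses/ErrorResponse"
@@ -223,7 +223,7 @@
 "$ref": "#/responses/ErrorResponse"
 },
 "401": {
-"$ref": "#/responses/ErrorResponse"
+"$ref": "#/responses/UnauthResponse"
 },
 "404": {
 "$ref": "#/responses/ErrorResponse"
@@ -284,7 +284,7 @@
 "$ref": "#/responses/ErrorResponse"
 },
 "401": {
-"$ref": "#/responses/ErrorResponse"
+"$ref": "#/responses/UnauthResponse"
 },
 "404": {
 "$ref": "#/responses/ErrorResponse"
@@ -350,7 +350,7 @@
 "$ref": "#/responses/ErrorResponse"
 },
 "401": {
-"$ref": "#/responses/ErrorResponse"
+"$ref": "#/responses/UnauthResponse"
 }
 }
 },
@@ -419,7 +419,7 @@
 "$ref": "#/responses/ErrorResponse"
 },
 "401": {
-"$ref": "#/responses/ErrorResponse"
+"$ref": "#/responses/UnauthResponse"
 }
 }
 },
@@ -489,7 +489,7 @@
 "$ref": "#/responses/ErrorResponse"
 },
 "401": {
-"$ref": "#/responses/ErrorResponse"
+"$ref": "#/responses/UnauthResponse"
 }
 }
 }
@@ -514,7 +514,7 @@
 "$ref": "#/responses/TasksResponse"
 },
 "401": {
-"$ref": "#/responses/ErrorResponse"
+"$ref": "#/responses/UnauthResponse"
 }
 }
 },
@@ -552,7 +552,7 @@
 "$ref": "#/responses/TaskResponse"
 },
 "401": {
-"$ref": "#/responses/ErrorResponse"
+"$ref": "#/responses/UnauthResponse"
 },
 "500": {
 "$ref": "#/responses/ErrorResponse"
@@ -589,7 +589,7 @@
 "$ref": "#/responses/TaskResponse"
 },
 "401": {
-"$ref": "#/responses/ErrorResponse"
+"$ref": "#/responses/UnauthResponse"
 },
 "404": {
 "$ref": "#/responses/ErrorResponse"
@@ -638,7 +638,7 @@
 "$ref": "#/responses/ErrorResponse"
 },
 "401": {
-"$ref": "#/responses/ErrorResponse"
+"$ref": "#/responses/UnauthResponse"
 },
 "409": {
 "$ref": "#/responses/ErrorResponse"
@@ -676,7 +676,7 @@
 "$ref": "#/responses/TaskResponse"
 },
 "401": {
-"$ref": "#/responses/ErrorResponse"
+"$ref": "#/responses/UnauthResponse"
 },
 "404": {
 "$ref": "#/responses/ErrorResponse"
@@ -716,7 +716,7 @@
 "$ref": "#/responses/TaskWatchResponse"
 },
 "401": {
-"$ref": "#/responses/ErrorResponse"
+"$ref": "#/responses/UnauthResponse"
 },
 "404": {
 "$ref": "#/responses/ErrorResponse"
@@ -1223,6 +1223,22 @@
 },
 "x-go-package": "github.com/intelsdi-x/snap/mgmt/rest/v2"
 },
+"UnauthError": {
+"type": "object",
+"title": "UnauthError defines the error type of an unauthorized response.",
+"properties": {
+"code": {
+"type": "integer",
+"format": "int64",
+"x-go-name": "Code"
+},
+"message": {
+"type": "string",
+"x-go-name": "Message"
+}
+},
+"x-go-package": "github.com/intelsdi-x/snap/mgmt/rest/v2"
+},
 "WorkflowMap": {
 "description": "WorkflowMap represents a map of a desired workflow that is used to create a scheduleWorkflow",
 "type": "object",
@@ -1327,6 +1343,12 @@
 }
 }
 }
+},
+"UnauthResponse": {
+"description": "UnauthResponse returns Unauthorized error struct message.",
+"schema": {
+"$ref": "#/definitions/UnauthError"
+}
 }
 },
 "securityDefinitions": {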
