darkhelm/notifications-api
1
0
Fork 0
mirror of https://github.com/GSA/notifications-api.git synced 2026-01-30 22:42:28 -05:00
Code Issues Packages Projects Releases Wiki Activity

Give specifc error when service doesn’t exist

Browse Source 
If you sign a token with a service ID that doesn’t exist (say, for
example, that you get service ID and API key mixed up) then you get
an error saying that “no API keys exist for the service”. This is wrong
because the service doesn’t even exist.

This commit adds:
- code to check if the service does exist
- a specific error message for this case

The check does mean an extra database call to look up the service.
However this only happens _after_ looping through all the API keys. So
it shouldn’t have a performance implication for anyone using a valid API
key.
This commit is contained in:
Chris Hill-Scott
2016-09-16 08:44:08 +01:00
parent 6b3c899127
commit 1ce91997e8
2 changed files with 9 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
tests/app/authentication/test_authentication.py
View File

@@ -211,7 +211,7 @@ def test_authentication_returns_error_when_service_doesnt_exit(
)
assert response.status_code == 403
error_message = json.loads(response.get_data())
assert error_message['message'] == {'token': ['Invalid token: no api keys for service']}
assert error_message['message'] == {'token': ['Invalid token: service not found']}
def test_authentication_returns_error_when_service_has_no_secrets(notify_api,