Project

General

Profile

Actions

Bug #6780

open

[git] "git clone https://..." with a bogus token should respond 4xx, not 5xx

Added by Tom Clegg over 8 years ago. Updated 18 days ago.

Status:
New
Priority:
Normal
Assigned To:
-
Category:
Git hosting
Target version:
Story points:
0.5
Release:
Release relationship:
Auto

Description

Currently, as verified by tests, arvados-git-httpd returns 500 when the servers are all working perfectly but the client used an invalid token.

Existing test case:

func (s *IntegrationSuite) TestInvalidToken(c *check.C) {
    for _, repo := range []string{"active/foo.git", "active/foo/.git"} {
        err := s.runGit(c, "no-such-token-in-the-system", "fetch", repo)
        c.Assert(err, check.ErrorMatches, `.* 500 while accessing.*`)
    }
}

Observed behavior in production (arvados-git-httpd 0.1.20150714174007.f78434f):

$ git clone http://localhost:9001/foo.git
Cloning into 'foo'...
Username for 'http://localhost:9001': asdf
Password for 'http://asdf@localhost:9001': asdf
fatal: unable to access 'http://localhost:9001/foo.git/': The requested URL returned error: 500

Logged:

2015-07-28_16:05:39.51912 2015/07/28 16:05:39 "[::1]:52434" "asdf" "asdf" 500 "arvados API server error: Not logged in (401: 401 Unauthorized) returned by bogus.arvadosapi.com" "foo" "GET" "/foo.git/info/refs" 
Expected / desired:
  • arv-git-httpd should not return 5xx: this is arv-git-httpd's client's problem to fix, not arv-git-httpd's.
  • Presumably it should pass the 401 status back to the client.
  • The test should be updated to check for a 401 status.

Related issues

Has duplicate Arvados - Bug #6943: [Git hosting] arvados-git-httpd should return 4xx, not 5xx, for authentication errorsDuplicate08/10/2015Actions
Actions #1

Updated by Tom Clegg over 8 years ago

  • Category set to API
  • Target version set to Arvados Future Sprints
  • Story points set to 0.5
Actions #2

Updated by Brett Smith over 8 years ago

  • Description updated (diff)
  • Category changed from API to Git hosting
Actions #3

Updated by Ward Vandewege over 2 years ago

  • Target version deleted (Arvados Future Sprints)
Actions #4

Updated by Peter Amstutz about 1 year ago

  • Release set to 60
Actions #5

Updated by Peter Amstutz 18 days ago

  • Target version set to Future
Actions

Also available in: Atom PDF