Skip to content

Commit

Permalink
fix(plugins): Made the error message more friendly when the anonymous
Browse files Browse the repository at this point in the history
              consumer was configured but nonexisting

https://konghq.atlassian.net/browse/FTI-5392
  • Loading branch information
catbro666 committed Nov 27, 2024
1 parent 23b2ae1 commit e89142e
Show file tree
Hide file tree
Showing 13 changed files with 63 additions and 12 deletions.
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
message: "**authentication-plugins**: Made the error message more friendly when the anonymous consumer was configured but nonexisting."
type: bugfix
scope: Plugin
6 changes: 6 additions & 0 deletions kong/plugins/basic-auth/access.lua
Original file line number Diff line number Diff line change
Expand Up @@ -218,6 +218,12 @@ function _M.execute(conf)
return error(err)
end

if not consumer then
local err_msg = "anonymous consumer " .. conf.anonymous .. " is configured but doesn't exist"
kong.log.err(err_msg)
return kong.response.error(500, err_msg)
end

set_consumer(consumer)

else
Expand Down
6 changes: 6 additions & 0 deletions kong/plugins/hmac-auth/access.lua
Original file line number Diff line number Diff line change
Expand Up @@ -363,6 +363,12 @@ local function set_anonymous_consumer(anonymous)
return error(err)
end

if not consumer then
local err_msg = "anonymous consumer " .. anonymous .. " is configured but doesn't exist"
kong.log.err(err_msg)
return kong.response.error(500, err_msg)
end

set_consumer(consumer)
end

Expand Down
6 changes: 6 additions & 0 deletions kong/plugins/jwt/handler.lua
Original file line number Diff line number Diff line change
Expand Up @@ -273,6 +273,12 @@ local function set_anonymous_consumer(anonymous)
return error(err)
end

if not consumer then
local err_msg = "anonymous consumer " .. anonymous .. " is configured but doesn't exist"
kong.log.err(err_msg)
return kong.response.error(500, err_msg)
end

set_consumer(consumer)
end

Expand Down
6 changes: 6 additions & 0 deletions kong/plugins/key-auth/handler.lua
Original file line number Diff line number Diff line change
Expand Up @@ -223,6 +223,12 @@ local function set_anonymous_consumer(anonymous)
return error(err)
end

if not consumer then
local err_msg = "anonymous consumer " .. anonymous .. " is configured but doesn't exist"
kong.log.err(err_msg)
return kong.response.error(500, err_msg)
end

set_consumer(consumer)
end

Expand Down
6 changes: 6 additions & 0 deletions kong/plugins/ldap-auth/access.lua
Original file line number Diff line number Diff line change
Expand Up @@ -290,6 +290,12 @@ local function set_anonymous_consumer(anonymous)
return error(err)
end

if not consumer then
local err_msg = "anonymous consumer " .. anonymous .. " is configured but doesn't exist"
kong.log.err(err_msg)
return kong.response.error(500, err_msg)
end

set_consumer(consumer)
end

Expand Down
6 changes: 6 additions & 0 deletions kong/plugins/oauth2/access.lua
Original file line number Diff line number Diff line change
Expand Up @@ -1077,6 +1077,12 @@ local function set_anonymous_consumer(anonymous)
return error(err)
end

if not consumer then
local err_msg = "anonymous consumer " .. anonymous .. " is configured but doesn't exist"
kong.log.err(err_msg)
return kong.response.error(500, err_msg)
end

set_consumer(consumer)
end

Expand Down
6 changes: 4 additions & 2 deletions spec/03-plugins/09-key-auth/02-access_spec.lua
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ for _, strategy in helpers.each_strategy() do
describe("Plugin: key-auth (access) [#" .. strategy .. "]", function()
local mock, proxy_client
local kong_cred
local nonexisting_anonymous = uuid.uuid() -- a nonexisting consumer id

lazy_setup(function()
mock = http_mock.new(MOCK_PORT)
Expand Down Expand Up @@ -117,7 +118,7 @@ for _, strategy in helpers.each_strategy() do
name = "key-auth",
route = { id = route4.id },
config = {
anonymous = uuid.uuid(), -- unknown consumer
anonymous = nonexisting_anonymous, -- a nonexisting consumer id
},
}

Expand Down Expand Up @@ -803,7 +804,8 @@ for _, strategy in helpers.each_strategy() do
["Host"] = "key-auth4.test"
}
})
assert.response(res).has.status(500)
local body = cjson.decode(assert.res_status(500, res))
assert.matches("anonymous consumer " .. nonexisting_anonymous .. " is configured but doesn't exist", body.message)
end)
end)
end)
Expand Down
6 changes: 4 additions & 2 deletions spec/03-plugins/10-basic-auth/03-access_spec.lua
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@ local uuid = require "kong.tools.uuid"
for _, strategy in helpers.each_strategy() do
describe("Plugin: basic-auth (access) [#" .. strategy .. "]", function()
local proxy_client
local nonexisting_anonymous = uuid.uuid() -- a non-existing consumer id

lazy_setup(function()
local bp = helpers.get_db_utils(strategy, {
Expand Down Expand Up @@ -104,7 +105,7 @@ for _, strategy in helpers.each_strategy() do
name = "basic-auth",
route = { id = route4.id },
config = {
anonymous = uuid.uuid(), -- a non-existing consumer id
anonymous = nonexisting_anonymous, -- a non-existing consumer id
},
}

Expand Down Expand Up @@ -430,7 +431,8 @@ for _, strategy in helpers.each_strategy() do
["Host"] = "basic-auth4.test"
}
})
assert.response(res).has.status(500)
local body = cjson.decode(assert.res_status(500, res))
assert.matches("anonymous consumer " .. nonexisting_anonymous .. " is configured but doesn't exist", body.message)
end)

end)
Expand Down
6 changes: 4 additions & 2 deletions spec/03-plugins/16-jwt/03-access_spec.lua
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,7 @@ for _, strategy in helpers.each_strategy() do
local hs_jwt_secret_2
local proxy_client
local admin_client
local nonexisting_anonymous = uuid.uuid() -- a nonexisting consumer id

lazy_setup(function()
local bp = helpers.get_db_utils(strategy, {
Expand Down Expand Up @@ -121,7 +122,7 @@ for _, strategy in helpers.each_strategy() do
plugins:insert({
name = "jwt",
route = { id = routes[7].id },
config = { anonymous = uuid.uuid() },
config = { anonymous = nonexisting_anonymous }, -- a nonexisting consumer id
})

plugins:insert({
Expand Down Expand Up @@ -1243,7 +1244,8 @@ for _, strategy in helpers.each_strategy() do
["Host"] = "jwt7.test"
}
})
assert.response(res).has.status(500)
local body = cjson.decode(assert.res_status(500, res))
assert.matches("anonymous consumer " .. nonexisting_anonymous .. " is configured but doesn't exist", body.message)
end)
end)
end)
Expand Down
6 changes: 4 additions & 2 deletions spec/03-plugins/19-hmac-auth/03-access_spec.lua
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@ for _, strategy in helpers.each_strategy() do
local proxy_client
local consumer
local credential
local nonexisting_anonymous = uuid.uuid() -- a nonexisting consumer id

lazy_setup(function()
local bp = helpers.get_db_utils(strategy, {
Expand Down Expand Up @@ -96,7 +97,7 @@ for _, strategy in helpers.each_strategy() do
name = "hmac-auth",
route = { id = route3.id },
config = {
anonymous = uuid.uuid(), -- non existing consumer
anonymous = nonexisting_anonymous, -- a non existing consumer id
clock_skew = 3000
}
}
Expand Down Expand Up @@ -1204,7 +1205,8 @@ for _, strategy in helpers.each_strategy() do
["Host"] = "hmacauth3.test",
},
})
assert.response(res).has.status(500)
local body = cjson.decode(assert.res_status(500, res))
assert.matches("anonymous consumer " .. nonexisting_anonymous .. " is configured but doesn't exist", body.message)
end)

it("should pass with GET when body validation enabled", function()
Expand Down
6 changes: 4 additions & 2 deletions spec/03-plugins/20-ldap-auth/01-access_spec.lua
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,7 @@ for _, ldap_strategy in pairs(ldap_strategies) do
local admin_client
local route2
local plugin2
local nonexisting_anonymous = uuid.uuid() -- a non existing consumer id

lazy_setup(function()
local bp = helpers.get_db_utils(strategy, {
Expand Down Expand Up @@ -141,7 +142,7 @@ for _, ldap_strategy in pairs(ldap_strategies) do
base_dn = "ou=scientists,dc=ldap,dc=mashape,dc=com",
attribute = "uid",
cache_ttl = 2,
anonymous = uuid.uuid(), -- non existing consumer
anonymous = nonexisting_anonymous, -- a non existing consumer id
}
}

Expand Down Expand Up @@ -597,7 +598,8 @@ for _, ldap_strategy in pairs(ldap_strategies) do
["Host"] = "ldap4.test"
}
})
assert.response(res).has.status(500)
local body = cjson.decode(assert.res_status(500, res))
assert.matches("anonymous consumer " .. nonexisting_anonymous .. " is configured but doesn't exist", body.message)
end)
end)
end)
Expand Down
6 changes: 4 additions & 2 deletions spec/03-plugins/25-oauth2/03-access_spec.lua
Original file line number Diff line number Diff line change
Expand Up @@ -172,6 +172,7 @@ describe("Plugin: oauth2 [#" .. strategy .. "]", function()
local proxy_ssl_client
local proxy_client
local client1
local nonexisting_anonymous = uuid.uuid() -- a non existing consumer id

lazy_setup(function()

Expand Down Expand Up @@ -511,7 +512,7 @@ describe("Plugin: oauth2 [#" .. strategy .. "]", function()
config = {
scopes = { "email", "profile", "user.email" },
global_credentials = true,
anonymous = uuid.uuid(), -- a non existing consumer
anonymous = nonexisting_anonymous, -- a non existing consumer id
},
})

Expand Down Expand Up @@ -3373,7 +3374,8 @@ describe("Plugin: oauth2 [#" .. strategy .. "]", function()
["Host"] = "oauth2_10.test"
}
})
assert.res_status(500, res)
local body = cjson.decode(assert.res_status(500, res))
assert.matches("anonymous consumer " .. nonexisting_anonymous .. " is configured but doesn't exist", body.message)
end)
it("returns success and the token should have the right expiration when a custom header is passed", function()
local res = assert(proxy_ssl_client:send {
Expand Down

0 comments on commit e89142e

Please sign in to comment.