Bug 927457 - processTokenResponse fails to handle 401 response correctly. r=gps
authorMark Hammond <mhammond@skippinet.com.au>
Wed, 16 Oct 2013 11:32:36 -0700
changeset 151142 5a58e6669962d453c6c0a7099a889348feb680a9
parent 151141 4fcc79a6234b1841df37db33db7341f1a5f97e64
child 151143 4e60867ca4ab0af46a259a2c2756ae96dc3fa39a
push id1
push userroot
push dateMon, 20 Oct 2014 17:29:22 +0000
reviewersgps
bugs927457
milestone27.0a1
Bug 927457 - processTokenResponse fails to handle 401 response correctly. r=gps
services/common/tests/unit/test_tokenserverclient.js
services/common/tokenserverclient.js
--- a/services/common/tests/unit/test_tokenserverclient.js
+++ b/services/common/tests/unit/test_tokenserverclient.js
@@ -326,16 +326,41 @@ add_test(function test_400_response() {
     do_check_eq("TokenServerClientServerError", error.name);
     do_check_neq(null, error.response);
     do_check_eq(error.cause, "malformed-request");
 
     server.stop(run_next_test);
   });
 });
 
+add_test(function test_401_response() {
+  _("Ensure HTTP 401 is converted to invalid-credentials.");
+
+  let server = httpd_setup({
+    "/1.0/foo/1.0": function(request, response) {
+      response.setStatusLine(request.httpVersion, 401, "Unauthorized");
+      response.setHeader("Content-Type", "application/json; charset=utf-8");
+
+      let body = "{}"; // Actual content may not be used.
+      response.bodyOutputStream.write(body, body.length);
+    }
+  });
+
+  let client = new TokenServerClient();
+  let url = server.baseURI + "/1.0/foo/1.0";
+  client.getTokenFromBrowserIDAssertion(url, "assertion", function(error, r) {
+    do_check_neq(null, error);
+    do_check_eq("TokenServerClientServerError", error.name);
+    do_check_neq(null, error.response);
+    do_check_eq(error.cause, "invalid-credentials");
+
+    server.stop(run_next_test);
+  });
+});
+
 add_test(function test_unhandled_media_type() {
   _("Ensure that unhandled media types throw an error.");
 
   let server = httpd_setup({
     "/1.0/foo/1.0": function(request, response) {
       response.setStatusLine(request.httpVersion, 200, "OK");
       response.setHeader("Content-Type", "text/plain");
 
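Review bot: test_401_response checks `error.name`, `error.response` and `error.cause`, but never `error.message`, which is the property the tokenserverclient.js change in this commit corrects. Adding `do_check_eq(error.message, "Authentication failed.");` next to the cause check would pin the regression directly, rather than relying on the callback being reached at all. Because this is the rejected-credentials path, the test could also assert that no token result arrives with the error, e.g. `do_check_eq(null, r);`. That assumes the callback passes null as its second argument on failure, which the hunk does not show.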
--- a/services/common/tokenserverclient.js
+++ b/services/common/tokenserverclient.js
@@ -321,17 +321,17 @@ TokenServerClient.prototype = {
 
       let error = new TokenServerClientServerError();
       error.response = response;
 
       if (response.status == 400) {
         error.message = "Malformed request.";
         error.cause = "malformed-request";
       } else if (response.status == 401) {
-        error.message("Authentication failed.");
+        error.message = "Authentication failed.";
         error.cause = "invalid-credentials";
       }
 
       // 403 should represent a "condition acceptance needed" response.
       //
       // The extra validation of "urls" is important. We don't want to signal
       // conditions required unless we are absolutely sure that is what the
       // server is asking for.