Bug 927457 - processTokenResponse fails to handle 401 response correctly. r=gps
authorMark Hammond <mhammond@skippinet.com.au>
Wed, 16 Oct 2013 11:32:36 -0700
changeset 164957 5a58e6669962d453c6c0a7099a889348feb680a9
parent 164956 4fcc79a6234b1841df37db33db7341f1a5f97e64
child 164958 4e60867ca4ab0af46a259a2c2756ae96dc3fa39a
push id3066
push userakeybl@mozilla.com
push dateMon, 09 Dec 2013 19:58:46 +0000
treeherdermozilla-beta@a31a0dce83aa [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersgps
bugs927457
milestone27.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 927457 - processTokenResponse fails to handle 401 response correctly. r=gps
services/common/tests/unit/test_tokenserverclient.js
services/common/tokenserverclient.js
--- a/services/common/tests/unit/test_tokenserverclient.js
+++ b/services/common/tests/unit/test_tokenserverclient.js
@@ -326,16 +326,41 @@ add_test(function test_400_response() {
     do_check_eq("TokenServerClientServerError", error.name);
     do_check_neq(null, error.response);
     do_check_eq(error.cause, "malformed-request");
 
     server.stop(run_next_test);
   });
 });
 
+add_test(function test_401_response() {
+  _("Ensure HTTP 401 is converted to invalid-credentials.");
+
+  let server = httpd_setup({
+    "/1.0/foo/1.0": function(request, response) {
+      response.setStatusLine(request.httpVersion, 401, "Unauthorized");
+      response.setHeader("Content-Type", "application/json; charset=utf-8");
+
+      let body = "{}"; // Actual content may not be used.
+      response.bodyOutputStream.write(body, body.length);
+    }
+  });
+
+  let client = new TokenServerClient();
+  let url = server.baseURI + "/1.0/foo/1.0";
+  client.getTokenFromBrowserIDAssertion(url, "assertion", function(error, r) {
+    do_check_neq(null, error);
+    do_check_eq("TokenServerClientServerError", error.name);
+    do_check_neq(null, error.response);
+    do_check_eq(error.cause, "invalid-credentials");
+
+    server.stop(run_next_test);
+  });
+});
+
 add_test(function test_unhandled_media_type() {
   _("Ensure that unhandled media types throw an error.");
 
   let server = httpd_setup({
     "/1.0/foo/1.0": function(request, response) {
       response.setStatusLine(request.httpVersion, 200, "OK");
       response.setHeader("Content-Type", "text/plain");
 
--- a/services/common/tokenserverclient.js
+++ b/services/common/tokenserverclient.js
@@ -321,17 +321,17 @@ TokenServerClient.prototype = {
 
       let error = new TokenServerClientServerError();
       error.response = response;
 
       if (response.status == 400) {
         error.message = "Malformed request.";
         error.cause = "malformed-request";
       } else if (response.status == 401) {
-        error.message("Authentication failed.");
+        error.message = "Authentication failed.";
         error.cause = "invalid-credentials";
       }
 
       // 403 should represent a "condition acceptance needed" response.
       //
       // The extra validation of "urls" is important. We don't want to signal
       // conditions required unless we are absolutely sure that is what the
       // server is asking for.