New upstream version 0.5.2

98c57558 · Jenkins for Software Heritage · fe452425 · 309118c1 · 98c57558 · 98c57558
Commit 98c57558 authored 4 years ago by Jenkins for Software Heritage
--- a/PKG-INFO
+++ b/PKG-INFO
 Metadata-Version: 2.1
 Name: swh.auth
-Version: 0.5.1
+Version: 0.5.2
 Summary: Software Heritage Authentication Utilities
 Home-page: https://forge.softwareheritage.org/source/swh-auth/
 Author: Software Heritage developers

--- a/swh.auth.egg-info/PKG-INFO
+++ b/swh.auth.egg-info/PKG-INFO
 Metadata-Version: 2.1
 Name: swh.auth
-Version: 0.5.1
+Version: 0.5.2
 Summary: Software Heritage Authentication Utilities
 Home-page: https://forge.softwareheritage.org/source/swh-auth/
 Author: Software Heritage developers

--- a/swh/auth/django/backends.py
+++ b/swh/auth/django/backends.py
@@ -201,7 +201,10 @@ class OIDCBearerTokenAuthentication(BaseAuthentication):
            raise ValidationError("Invalid bearer token")
        except KeycloakError as ke:
            error_msg = keycloak_error_message(ke)
-            if error_msg == "invalid_grant: Offline user session not found":
+            if error_msg in (
+                "invalid_grant: Offline session not active",
+                "invalid_grant: Offline user session not found",
+            ):
                error_msg = (
                    "Bearer token expired after a long period of inactivity; "
                    "please generate a new one."

--- a/swh/auth/tests/django/test_drf_bearer_token_auth.py
+++ b/swh/auth/tests/django/test_drf_bearer_token_auth.py
@@ -129,23 +129,25 @@ def test_drf_oidc_bearer_token_expired_token(keycloak_oidc, api_client):

    api_client.credentials(HTTP_AUTHORIZATION=f"Bearer {refresh_token}")

-    kc_error_dict = {
-        "error": "invalid_grant",
-        "error_description": "Offline user session not found",
-    }
+    for kc_err_msg in ("Offline session not active", "Offline user session not found"):

-    keycloak_oidc.refresh_token.side_effect = KeycloakError(
-        error_message=json.dumps(kc_error_dict).encode(), response_code=400
-    )
+        kc_error_dict = {
+            "error": "invalid_grant",
+            "error_description": kc_err_msg,
+        }

-    response = api_client.get(url)
-    expected_error_msg = (
-        "Bearer token expired after a long period of inactivity; "
-        "please generate a new one."
-    )
+        keycloak_oidc.refresh_token.side_effect = KeycloakError(
+            error_message=json.dumps(kc_error_dict).encode(), response_code=400
+        )

-    assert response.status_code == 403
-    assert expected_error_msg in json.dumps(response.data)
+        response = api_client.get(url)
+        expected_error_msg = (
+            "Bearer token expired after a long period of inactivity; "
+            "please generate a new one."
+        )

-    request = response.wsgi_request
-    assert isinstance(request.user, AnonymousUser)
+        assert response.status_code == 403
+        assert expected_error_msg in json.dumps(response.data)
+
+        request = response.wsgi_request
+        assert isinstance(request.user, AnonymousUser)