Merge tag 'debian/0.5.2-1_swh1' into debian/buster-swh

a9aeb77f · Jenkins for Software Heritage · 86cd709d · 71ca4925 · a9aeb77f · a9aeb77f
Commit a9aeb77f authored 4 years ago by Jenkins for Software Heritage
--- a/PKG-INFO
+++ b/PKG-INFO
 Metadata-Version: 2.1
 Name: swh.auth
-Version: 0.5.1
+Version: 0.5.2
 Summary: Software Heritage Authentication Utilities
 Home-page: https://forge.softwareheritage.org/source/swh-auth/
 Author: Software Heritage developers

--- a/debian/changelog
+++ b/debian/changelog
-swh-auth (0.5.1-1~swh1~bpo10+1) buster-swh; urgency=medium
+swh-auth (0.5.2-1~swh1) unstable-swh; urgency=medium

-  * Rebuild for buster-swh
+  * New upstream release 0.5.2     - (tagged by Antoine Lambert
+    <antoine.lambert@inria.fr> on 2021-04-08 11:07:58 +0200)
+  * Upstream changes:     - version 0.5.2

- -- Software Heritage autobuilder (on jenkins-debian1) <jenkins@jenkins-debian1.internal.softwareheritage.org>  Wed, 07 Apr 2021 09:09:54 +0000
+ -- Software Heritage autobuilder (on jenkins-debian1) <jenkins@jenkins-debian1.internal.softwareheritage.org>  Thu, 08 Apr 2021 09:10:35 +0000

 swh-auth (0.5.1-1~swh1) unstable-swh; urgency=medium


--- a/swh.auth.egg-info/PKG-INFO
+++ b/swh.auth.egg-info/PKG-INFO
 Metadata-Version: 2.1
 Name: swh.auth
-Version: 0.5.1
+Version: 0.5.2
 Summary: Software Heritage Authentication Utilities
 Home-page: https://forge.softwareheritage.org/source/swh-auth/
 Author: Software Heritage developers

--- a/swh/auth/django/backends.py
+++ b/swh/auth/django/backends.py
@@ -201,7 +201,10 @@ class OIDCBearerTokenAuthentication(BaseAuthentication):
            raise ValidationError("Invalid bearer token")
        except KeycloakError as ke:
            error_msg = keycloak_error_message(ke)
-            if error_msg == "invalid_grant: Offline user session not found":
+            if error_msg in (
+                "invalid_grant: Offline session not active",
+                "invalid_grant: Offline user session not found",
+            ):
                error_msg = (
                    "Bearer token expired after a long period of inactivity; "
                    "please generate a new one."

--- a/swh/auth/tests/django/test_drf_bearer_token_auth.py
+++ b/swh/auth/tests/django/test_drf_bearer_token_auth.py
@@ -129,23 +129,25 @@ def test_drf_oidc_bearer_token_expired_token(keycloak_oidc, api_client):

    api_client.credentials(HTTP_AUTHORIZATION=f"Bearer {refresh_token}")

-    kc_error_dict = {
-        "error": "invalid_grant",
-        "error_description": "Offline user session not found",
-    }
+    for kc_err_msg in ("Offline session not active", "Offline user session not found"):

-    keycloak_oidc.refresh_token.side_effect = KeycloakError(
-        error_message=json.dumps(kc_error_dict).encode(), response_code=400
-    )
+        kc_error_dict = {
+            "error": "invalid_grant",
+            "error_description": kc_err_msg,
+        }

-    response = api_client.get(url)
-    expected_error_msg = (
-        "Bearer token expired after a long period of inactivity; "
-        "please generate a new one."
-    )
+        keycloak_oidc.refresh_token.side_effect = KeycloakError(
+            error_message=json.dumps(kc_error_dict).encode(), response_code=400
+        )

-    assert response.status_code == 403
-    assert expected_error_msg in json.dumps(response.data)
+        response = api_client.get(url)
+        expected_error_msg = (
+            "Bearer token expired after a long period of inactivity; "
+            "please generate a new one."
+        )

-    request = response.wsgi_request
-    assert isinstance(request.user, AnonymousUser)
+        assert response.status_code == 403
+        assert expected_error_msg in json.dumps(response.data)
+
+        request = response.wsgi_request
+        assert isinstance(request.user, AnonymousUser)