Change Details

The error message in case of authentication failure is now aligned with the previous basic authentication scheme. Prior to this, the keycloak error dict leaked into the summary field which made the error unreadable. before (basic auth): ``` $ curl -u test2:test http://localhost:5080/deposit/1/servicedocument/ <?xml version="1.0" encoding="utf-8"?> <sword:error xmlns="http://www.w3.org/2005/Atom" xmlns:sword="http://purl.org/net/sword/terms/"> <summary>Invalid username/password.</summary> <sword:treatment>processing failed</sword:treatment> <sword:verboseDescription> API is protected by basic authentication </sword:verboseDescription> </sword:error> $ swh deposit metadata-only --url http://localhost:5080/deposit --username test \ --password test2 \ --metadata ../deposit-swh.update-metadata.xml ERROR:swh.deposit.cli.client:Problem during parsing options: Service document retrieval: Invalid username/password. ``` before (keycloak): ``` $ curl -u test2:test http://localhost:5080/deposit/1/servicedocument/ <?xml version="1.0" encoding="utf-8"?> <sword:error xmlns="http://www.w3.org/2005/Atom" xmlns:sword="http://purl.org/net/sword/terms/"> <summary>{"error":"invalid_grant","error_description":"Invalid user credentials"}</summary> <sword:treatment>processing failed</sword:treatment> <sword:verboseDescription> API is protected by basic authentication </sword:verboseDescription> </sword:error> $ swh deposit metadata-only --url http://localhost:5080/deposit \ --username test \ --password test2 \ --metadata ../deposit-swh.update-metadata.xml --format json ERROR:swh.deposit.cli.client:Problem during parsing options: Service document retrieval: {"error":"invalid_grant","error_description":"Invalid user credentials"} ``` And now, with the following diff and keycloak authentication scheme: p``` $ curl -u test2:test http://localhost:5080/deposit/1/servicedocument/ <?xml version="1.0" encoding="utf-8"?> <sword:error xmlns="http://www.w3.org/2005/Atom" xmlns:sword="http://purl.org/net/sword/terms/"> <summary>invalid_grant: Invalid user credentials</summary> <sword:treatment>processing failed</sword:treatment> <sword:verboseDescription> API is protected by basic authentication </sword:verboseDescription> </sword:error> $ swh deposit metadata-only --url http://localhost:5080/deposit --username test \ --password test2 \ --metadata ../deposit-swh.update-metadata.xml ERROR:swh.deposit.cli.client:Problem during parsing options: Service document retrieval: invalid_grant: Invalid user credentials ```

This also allows to restrict the error message to the actual error message.e error message in case of authentication failure is now aligned with the previous basic authentication scheme. Prior to this, the keycloak error dict leaked into the summary field which made the error unreadable. before (basic auth): ``` $ curl -u test2:test http://localhost:5080/deposit/1/servicedocument/ <?xml version="1.0" encoding="utf-8"?> <sword:error xmlns="http://www.w3.org/2005/Atom" xmlns:sword="http://purl.org/net/sword/terms/"> <summary>Invalid username/password.</summary> <sword:treatment>processing failed</sword:treatment> <sword:verboseDescription> API is protected by basic authentication </sword:verboseDescription> This also allows to restrict the error message to the actual error message. And to parse</sword:error> $ swh deposit metadata-only --url http://localhost:5080/deposit --username test \ --password test2 \ --metadata ../deposit-swh.update-metadata.xml it appropriately so the renderERROR:swh.deposit.cli.client:Problem during parsing in the xml is not a dict.options: Service document retrieval: Invalid username/password. ``` before (keycloak): ``` $ curl -u test2:test http://localhost:5080/deposit/1/servicedocument/ <?xml version="1.0" encoding="utf-8"?> <sword:error xmlns="http://www.w3.org/2005/Atom" xmlns:sword="http://purl.org/net/sword/terms/"> <summary>{"error":"invalid_grant","error_description":"Invalid user credentials"}</summary> <sword:treatment>processing failed</sword:treatment> <sword:verboseDescription> API is protected by basic authentication </sword:verboseDescription> </sword:error> $ swh deposit metadata-only --url http://localhost:5080/deposit \ --username test \ --password test2 \ # wrong creds --metadata ../deposit-swh.update-metadata.xml --format json {"summary": "401: b'{\"error\":\"invalid_grant\",\"error_description\":\"Invalid user credentials\"}'", "detail": "", "sword:verboseDescription": "API is protected by basic authentication", "swh:deposit_id": null, "swh:deposit_status": null, "status": 401ERROR:swh.deposit.cli.client:Problem during parsing options: Service document retrieval: {"error":"invalid_grant","error_description":"Invalid user credentials"} ``` WAnd now, with the following diff: and keycloak authentication scheme: ```p``` $ curl -u test2:test http://localhost:5080/deposit/1/servicedocument/ <?xml version="1.0" encoding="utf-8"?> <sword:error xmlns="http://www.w3.org/2005/Atom" xmlns:sword="http://purl.org/net/sword/terms/"> <summary>invalid_grant: Invalid user credentials</summary> <sword:treatment>processing failed</sword:treatment> <sword:verboseDescription> API is protected by basic authentication </sword:verboseDescription> </sword:error> $ swh deposit metadata-only --url http://localhost:5080/deposit --username test \ --password test2 \ --metadata ../deposit-swh.update-metadata.xml ERROR:swh.deposit.cli.client:Problem during parsing options: Service document retrieval: invalid_grant: Invalid user credentials ```