dbio: tweak handling of invalid agents

usnistgov · May 2, 2024 · f580a52 · f580a52
1 parent 89cea14
commit f580a52
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 8 deletions.
diff --git a/python/nistoar/midas/dbio/wsgi/base.py b/python/nistoar/midas/dbio/wsgi/base.py
@@ -43,6 +43,13 @@ def __init__(self, svcapp: ServiceApp, dbclient: DBClient, wsgienv: dict, start_
         if hasattr(self._app, "_recorder") and self._app._recorder:
             self._reqrec = self._app._recorder.from_wsgi(self._env)
 
+    def preauthorize(self):
+        """
+        determine if the client agent is authorized to access this endpoint.  This implementation 
+        ensures that a valid client agent has been established and is valid.
+        """
+        return bool(self.who) and self.who.agent_class != Agent.INVALID
+
     def acceptable(self):
         """
         return True if the client's Accept request is compatible with this handler.

diff --git a/python/nistoar/midas/dbio/wsgi/project.py b/python/nistoar/midas/dbio/wsgi/project.py
@@ -879,13 +879,6 @@ def __init__(self, service_factory: ProjectServiceFactory, log: Logger, config:
         super(MIDASProjectApp, self).__init__(service_factory.project_type, log, config)
         self.svcfact = service_factory
 
-    def preauthorize(self):
-        """
-        determine if the client agent is authorized to access this endpoint.  This implementation 
-        ensures that a valid client agent has been established.
-        """
-        return bool(self.who) and self.who.agent_class != Agent.INVALID
-
     def create_handler(self, env: dict, start_resp: Callable, path: str, who: Agent) -> Handler:
         """
         return a handler instance to handle a particular request to a path

diff --git a/python/nistoar/web/rest/base.py b/python/nistoar/web/rest/base.py
@@ -713,7 +713,8 @@ def authenticate_via_authkey(svcname: str, env: Mapping, authcfg: Mapping, log:
     log.warning("Unrecognized token from client %s", str(client_id))
     if authcfg.get('raise_on_invalid'):
         raise Unauthenticated("Unrecognized auth token")
-    return Agent(svcname, Agent.UNKN, Agent.ANONYMOUS, Agent.INVALID, agents)
+    return Agent(svcname, Agent.UNKN, Agent.ANONYMOUS, Agent.INVALID, agents,
+                 invalid_reason="Unrecognized auth token")
 
 def authenticate_via_proxy_x509(svcname: str, env: Mapping, authcfg: Mapping, log: Logger,
                                 agents: List[str]=None, client_id: str=None):