Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

hmac GH issues# 600 fix #602

Merged
merged 1 commit into from
Oct 12, 2015
Merged

hmac GH issues# 600 fix #602

merged 1 commit into from
Oct 12, 2015

Conversation

shashiranjan84
Copy link
Contributor

Added fix for #600. Now it will send 403 for wrong username instead of 500

thibaultcha
thibaultcha reviewed Oct 10, 2015
View reviewed changes
kong/plugins/hmac-auth/access.lua
@@ -98,7 +99,8 @@ local function load_secret(username)
local keys, err = dao.hmacauth_credentials:find_by_keys { username = username }
local result
if err then
return responses.send_HTTP_INTERNAL_SERVER_ERROR(err)
ngx_log(ngx.ERR, err)
return responses.send_HTTP_INTERNAL_SERVER_ERROR("Internal system error")
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Here it is better to give the err. It will show the actual error in the logs for the user, but the consumer will only see a "Internal Server Error" body.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Did not get you. Now i log the error instead of sending it as response body. Consumer does not need to know all details for internal failure.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Like I said: don't log, it would log twice. I meant send_HTTP_INTERNAL_SERVER_ERROR logs for you, and override the error with "Internal Server Error", so replace your string by err.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Got you, will revert back the change.

hmac GH issues# 600 fix
dd4bfe7 
cleaning up

reverting explicit logging
@shashiranjan84 shashiranjan84 added the pr/ready (but hold merge) No more concerns, but do not merge yet (probably a conflict of interest with another PR or release) label Oct 12, 2015
shashiranjan84 added a commit that referenced this pull request Oct 12, 2015
@shashiranjan84
Merge pull request #602 from Mashape/hmac-username-fix
0d93be7 
hmac GH issues# 600 fix
@shashiranjan84 shashiranjan84 merged commit 0d93be7 into master Oct 12, 2015
@thibaultcha thibaultcha deleted the hmac-username-fix branch October 13, 2015 21:41
@michallis michallis mentioned this pull request Oct 14, 2015
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
pr/ready (but hold merge) No more concerns, but do not merge yet (probably a conflict of interest with another PR or release)
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@shashiranjan84 @thibaultcha