Add data-set name for invalid bearer token messages

- This is actually the error requirement that sparked https://www.pivotaltracker.com/story/show/72627064 off
alphagov · Jun 12, 2014 · ab19ce8 · ab19ce8
1 parent b1a2126
commit ab19ce8
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 2 deletions.
diff --git a/backdrop/write/api.py b/backdrop/write/api.py
@@ -254,7 +254,8 @@ def _validate_auth(data_set_config):
 
     if not auth_header_is_valid(data_set_config, auth_header):
         token = extract_bearer_token(auth_header)
-        abort(401, 'Unauthorized: Invalid bearer token "{}"'.format(token))
+        abort(401, 'Unauthorized: Invalid bearer token "{0}" for "{1}"'.format(
+            token, data_set_config.name))
 
 
 def _append_to_data_set(data_set_config, data, ok_message=None):

diff --git a/features/write_api/access_control.feature b/features/write_api/access_control.feature
@@ -11,7 +11,7 @@ Feature: access_control
          when I POST to the specific path "/data/group/type"
          then I should get back a status of "401"
           and I should get a "WWW-Authenticate" header of "bearer"
-          and I should get back the message "Unauthorized: Invalid bearer token "invalid-bearer-token""
+          and I should get back the message "Unauthorized: Invalid bearer token "invalid-bearer-token" for "some_data_set""
 
     @posting_things
     Scenario: unauthorized when posting with a badly formed authorization header