Show error messages returned by the WebDAV server

[andreaceccanti]

Hi!

Davix hides error messages coming from the server, making it difficult to debug issues or use Davix as a client in automated tests.

Example:

$ davix-ls -H "Authorization: Bearer ${BT}" https://storm.example:8443/wlcg
(Davix::HttpRequest) Error: Authentification failed on server

There's a typo in the error message, it should read "Authentication failed on server", but the main problem
is that Davix hides error information coming from the server that could help the user understand what's
going on.

11:27 $ davix-ls --debug -H "Authorization: Bearer ${BT}" https://storm.example:8443/wlcg
DAVIX(socket): ssl: Initialized OpenSSL thread-safety callbacks for 1 locks.

DAVIX(core): HTTP/SSL Session caching ENABLED
DAVIX(core): Redirection Session caching ENABLED
...
DAVIX(socket): Running pre_send hooks
> PROPFIND /wlcg HTTP/1.1
> User-Agent: libdavix/0.7.6 neon/0.0.29
> Keep-Alive:
> Connection: Keep-Alive
> TE: trailers
> Host: storm.example:8443
> Depth: 1
> Authorization: Bearer eyJra....a3re25tgugeWlETlAcay1pxNwdGQCQSfpg
> Content-Length: 303
>
...
DAVIX(socket): Sending request body:
DAVIX(socket): Request body sent successfully
DAVIX(socket): Request sent; retry is 0.
< HTTP/1.1 401 Unauthorized
< WWW-Authenticate: Bearer error="invalid_token", error_description="Unknown token issuer: https://tf.cloud.cnaf.infn.it", error_uri="https://tools.ietf.org/html/rfc6750#section-3.1"
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
< Cache-Control: no-cache, no-store, max-age=0, must-revalidate
< Pragma: no-cache
< Expires: 0
< Strict-Transport-Security: max-age=31536000 ; includeSubDomains
< X-Frame-Options: DENY
< Content-Length: 0
<
DAVIX(socket): End of headers.
DAVIX(socket): Running post_headers hooks
DAVIX(socket): Running post_send hooks
DAVIX(ssl): ah_post_send (#0), code is 401 (want 401), WWW-Authenticate is Bearer error="invalid_token", error_description="Unknown token issuer: https://tf.cloud.cnaf.infn.it", error_uri="https://tools.ietf.org/html/rfc6750#section-3.1"

DAVIX(ssl): auth: Got challenge (code 401).
DAVIX(ssl): auth: Ignored parameter: error = "invalid_token
DAVIX(ssl): auth: Ignored parameter: error_description = "Unknown token issuer: https://tf.cloud.cnaf.infn.it
DAVIX(ssl): auth: Ignored parameter: error_uri = "https://tools.ietf.org/html/rfc6750#section-3.1

Davix version (on MacOS Mojave):

11:35 $ davix-ls --version
Version: 0.7.6

Thanks!
A.

[gbitzes]

Hi Andrea,

Which additional information would you propose we add to the non-debug output? Maybe the information contained in WWW-Authenticate?

I believe "authentification" is not a typo, but a French term from the first davix developer 😛 (https://fr.wikipedia.org/wiki/Authentification) I'm not sure we should change it, as it also appears as a constant in an enum inside the code.

Cheers,
Georgios

[andreaceccanti]

Hello Georgios,

Which additional information would you propose we add to the non-debug output? Maybe the information contained in WWW-Authenticate?

Yes, exactly.

I believe "authentification" is not a typo, but a French term from the first davix developer 😛 (https://fr.wikipedia.org/wiki/Authentification) I'm not sure we should change it, as it also appears as a constant in an enum inside the code.

Ha!
I think it would be more consistent if the word would be in English (since the other messages are in English), but it's not a big issue.

Thanks!
A.

[gbitzes]

Hi Andrea, just added information from WWW-Authenticate to the error message. Could you test? Or maybe provide me with an endpoint as the one in your example?

Thanks,
Georgios