New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
error!('Unauthorized', 401) does not work as expected #628
Comments
If you don't call |
Sure: here are three cases that I encountered. Codeget :ping do
# error!('Unauthorized', 401)
{ message: "pong" }
end ResponseCode: 200 OK { "message":"pong" } Rails server logStarted GET "/api/v3/auth/ping?token=abcdefg" for 10.0.2.2 at 2014-04-14 11:22:28 +0000 Codeget :ping do
error!('Unauthorized', 402)
{ message: "pong" }
end ResponseCode: 402 Payment required { error: "Unauthorized" } Rails server logStarted GET "/api/v3/auth/ping?token=abcdefg" for 10.0.2.2 at 2014-04-14 11:24:39 +0000 Codeget :ping do
error!('Unauthorized', 401)
{ message: "pong" }
end ResponseCode: 302 Not Found Rails server logStarted GET "/api/v3/auth/ping?token=abcdefg" for 10.0.2.2 at 2014-04-14 11:27:33 +0000
Processing by SessionsController#new as */*
Parameters: {"token"=>"abcdefg"}
Redirected to http://localhost:3000/api/
Completed 302 Found in 1ms (ActiveRecord: 0.0ms)
Started GET "/api/" for 10.0.2.2 at 2014-04-14 11:27:34 +0000 Here is what I get exactly for the last one when I query: |
It looks like this call is being handled by your SessionsController, not Grape:
Check your routes? |
Oh yeah you're right! But What I don't get is why wouldn't this work only with error 401? Why does the error 500 works like a charm and this one does not? And second thing, how can I change grape routes? For now, I've just set that in my routes: mount API::Base => '/api' |
Maybe some "magic" middleware handles 401 response? Could you provide a stacktrace for your def new
p caller # this one
...
end |
Of course: Here it is (not really pretty :D) Started GET "/api/v3/auth/ping?token=49984f4073c804cbe2783682ee8eadf4ee16b362adfc29f2ccce" for 10.0.2.2 at 2014-04-19 15:28:13 +0000
ApiKey Load (0.4ms) SELECT `api_keys`.* FROM `api_keys` WHERE `api_keys`.`access_token` = '49984f4073c804cbe2783682ee8eadf4ee16b362adfc29f2ccce' LIMIT 1
Processing by SessionsController#new as HTML
Parameters: {"token"=>"49984f4073c804cbe2783682ee8eadf4ee16b362adfc29f2ccce"}
[
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/actionpack-4.0.4/lib/action_controller/metal/implicit_render.rb:4:in `send_action'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/actionpack-4.0.4/lib/abstract_controller/base.rb:189:in `process_action'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/actionpack-4.0.4/lib/action_controller/metal/rendering.rb:10:in `process_action'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/actionpack-4.0.4/lib/abstract_controller/callbacks.rb:18:in `block in process_action'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/activesupport-4.0.4/lib/active_support/callbacks.rb:423:in `_run__389644801__process_action__callbacks'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/activesupport-4.0.4/lib/active_support/callbacks.rb:80:in `run_callbacks'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/actionpack-4.0.4/lib/abstract_controller/callbacks.rb:17:in `process_action'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/actionpack-4.0.4/lib/action_controller/metal/rescue.rb:29:in `process_action'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/actionpack-4.0.4/lib/action_controller/metal/instrumentation.rb:31:in `block in process_action'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/activesupport-4.0.4/lib/active_support/notifications.rb:159:in `block in instrument'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/activesupport-4.0.4/lib/active_support/notifications/instrumenter.rb:20:in `instrument'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/activesupport-4.0.4/lib/active_support/notifications.rb:159:in `instrument'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/actionpack-4.0.4/lib/action_controller/metal/instrumentation.rb:30:in `process_action'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/actionpack-4.0.4/lib/action_controller/metal/params_wrapper.rb:250:in `process_action'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/activerecord-4.0.4/lib/active_record/railties/controller_runtime.rb:18:in `process_action'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/actionpack-4.0.4/lib/abstract_controller/base.rb:136:in `process'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/actionpack-4.0.4/lib/abstract_controller/rendering.rb:44:in `process'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/actionpack-4.0.4/lib/action_controller/metal.rb:195:in `dispatch'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/actionpack-4.0.4/lib/action_controller/metal/rack_delegation.rb:13:in `dispatch'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/actionpack-4.0.4/lib/action_controller/metal.rb:231:in `block in action'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/warden-1.2.3/lib/warden/manager.rb:130:in `call'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/warden-1.2.3/lib/warden/manager.rb:130:in `call_failure_app'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/warden-1.2.3/lib/warden/manager.rb:116:in `process_unauthenticated'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/warden-1.2.3/lib/warden/manager.rb:42:in `call'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/actionpack-4.0.4/lib/action_dispatch/middleware/flash.rb:241:in `call'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/rack-1.5.2/lib/rack/session/abstract/id.rb:225:in `context'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/rack-1.5.2/lib/rack/session/abstract/id.rb:220:in `call'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/actionpack-4.0.4/lib/action_dispatch/middleware/cookies.rb:486:in `call'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/activerecord-4.0.4/lib/active_record/query_cache.rb:36:in `call'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/activerecord-4.0.4/lib/active_record/connection_adapters/abstract/connection_pool.rb:626:in `call'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/activerecord-4.0.4/lib/active_record/migration.rb:373:in `call'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/actionpack-4.0.4/lib/action_dispatch/middleware/callbacks.rb:29:in `block in call'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/activesupport-4.0.4/lib/active_support/callbacks.rb:373:in `_run__434487038__call__callbacks'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/activesupport-4.0.4/lib/active_support/callbacks.rb:80:in `run_callbacks'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/actionpack-4.0.4/lib/action_dispatch/middleware/callbacks.rb:27:in `call'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/actionpack-4.0.4/lib/action_dispatch/middleware/reloader.rb:64:in `call'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/actionpack-4.0.4/lib/action_dispatch/middleware/remote_ip.rb:76:in `call'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/actionpack-4.0.4/lib/action_dispatch/middleware/debug_exceptions.rb:17:in `call'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/actionpack-4.0.4/lib/action_dispatch/middleware/show_exceptions.rb:30:in `call'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/railties-4.0.4/lib/rails/rack/logger.rb:38:in `call_app'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/railties-4.0.4/lib/rails/rack/logger.rb:20:in `block in call'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/activesupport-4.0.4/lib/active_support/tagged_logging.rb:68:in `block in tagged'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/activesupport-4.0.4/lib/active_support/tagged_logging.rb:26:in `tagged'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/activesupport-4.0.4/lib/active_support/tagged_logging.rb:68:in `tagged'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/railties-4.0.4/lib/rails/rack/logger.rb:20:in `call'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/quiet_assets-1.0.2/lib/quiet_assets.rb:18:in `call_with_quiet_assets'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/actionpack-4.0.4/lib/action_dispatch/middleware/request_id.rb:21:in `call'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/rack-1.5.2/lib/rack/methodoverride.rb:21:in `call'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/rack-1.5.2/lib/rack/runtime.rb:17:in `call'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/activesupport-4.0.4/lib/active_support/cache/strategy/local_cache.rb:83:in `call'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/rack-1.5.2/lib/rack/lock.rb:17:in `call'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/actionpack-4.0.4/lib/action_dispatch/middleware/static.rb:64:in `call'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/rack-1.5.2/lib/rack/sendfile.rb:112:in `call'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/railties-4.0.4/lib/rails/engine.rb:511:in `call'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/railties-4.0.4/lib/rails/application.rb:97:in `call'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/rack-1.5.2/lib/rack/content_length.rb:14:in `call'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/puma-2.8.2/lib/puma/server.rb:490:in `handle_request'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/puma-2.8.2/lib/puma/server.rb:361:in `process_client'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/puma-2.8.2/lib/puma/server.rb:254:in `block in run'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/puma-2.8.2/lib/puma/thread_pool.rb:92:in `call'",
"/home/vagrant/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/puma-2.8.2/lib/puma/thread_pool.rb:92:in `block in spawn_thread'"
]
Redirected to http://localhost:3000/api/
Completed 302 Found in 4ms (ActiveRecord: 0.0ms) |
Notice how there's no Grape anywhere in the stack. Do you even hit the On Sat, Apr 19, 2014 at 11:33 AM, Dieulivol notifications@github.comwrote:
dB. | Moscow - Geneva - Seattle - New York |
Yep, no Grape anywhere in the stack and I'm 😕 |
It does yeah. I just did a binding.pry right before the error! in my authentication helper and it indeed blocks at that point: 75: def api_authenticate!
=> 76: binding.pry
77: error!(I18n.t('api.v3.errors.error_401'), 401) unless api_current_user
78: end And if I continue, it does the same output as before with SessionsController#new... |
If you post a vanilla Rails app with this problem somewhere on Github, I'll debug it. |
Okay false alarm, it's apparently a problem with Warden that redirects to sessions#new... Thanks a lot for your insights! |
@born4new , Ok. Closed. |
@born4new Could you point us to the code/question/answer that does that? |
Sorry about the late answer: It's not fixed yet, we just had the hunch that Warden was responsible for it... |
It is a warden thing, if you try to request a route that requires authentication or if you respond with a use Warden::Manager do |config|
config.default_scope = :user
config.failure_app = API
config.scope_defaults :user, :strategies => [:password], :action => 'sessions/unauthenticated'
end The action Therefore, if you do not have a custom action setup (an grape endpoint) when you set up warden it will not be able to find that resource so it will respond with a |
Yes, @rolandjitsu is right, warden captures
|
I'm using grape in a rails app (4.0.4).
It is the only code with which I have an issue: the others are working just fine.
Basically when I try to access to the ping action below, it does a redirect 302 to the home api and in my tests the status code is 302 instead of 401...It seems really strange to me, but is it supposed to be that way?
Thanks in advance for your replies!
The text was updated successfully, but these errors were encountered: