diff --git a/CHANGELOG b/CHANGELOG index 9ddca08b..f3904d31 100755 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,5 +1,16 @@ # Changelog +## v2.4.0 + +### Improvements + +- Add toggle to turn off evaluate API. + +### Breaking changes + +- Changing error code to 406 when server not configured for authentication + but credentials are provided by client. + ## v2.3.2 ### Improvements diff --git a/tabpy/VERSION b/tabpy/VERSION index f90b1afc..197c4d5c 100755 --- a/tabpy/VERSION +++ b/tabpy/VERSION @@ -1 +1 @@ -2.3.2 +2.4.0 diff --git a/tabpy/tabpy_server/handlers/base_handler.py b/tabpy/tabpy_server/handlers/base_handler.py index 26a86916..3d522b03 100644 --- a/tabpy/tabpy_server/handlers/base_handler.py +++ b/tabpy/tabpy_server/handlers/base_handler.py @@ -421,7 +421,7 @@ def should_fail_with_auth_error(self): def fail_with_auth_error(self): """ - Prepares server 401 response and server 400 response depending + Prepares server 401 response and server 406 response depending on the value of the self.auth_error flag """ if self.auth_error == AuthErrorStates.NotAuthorized: @@ -434,11 +434,11 @@ def fail_with_auth_error(self): log_message="Invalid credentials provided.", ) else: - self.logger.log(logging.ERROR, "Failing with 400 for Bad Request") - self.set_status(400) + self.logger.log(logging.ERROR, "Failing with 406 for Not Acceptable") + self.set_status(406) self.set_header("WWW-Authenticate", f'Basic realm="{self.tabpy_state.name}"') self.error_out( - 400, - info="Bad request.", - log_message="Username or Password provided when authentication not available", + 406, + info="Not Acceptable", + log_message="Username or password provided when authentication not available.", ) diff --git a/tests/unit/server_tests/test_endpoint_handler.py b/tests/unit/server_tests/test_endpoint_handler.py index 2f2d20c8..1082c4ab 100755 --- a/tests/unit/server_tests/test_endpoint_handler.py +++ b/tests/unit/server_tests/test_endpoint_handler.py @@ -161,4 +161,4 @@ def test_creds_no_auth_fails(self): ) }, ) - self.assertEqual(400, response.code) + self.assertEqual(406, response.code) diff --git a/tests/unit/server_tests/test_endpoints_handler.py b/tests/unit/server_tests/test_endpoints_handler.py index 5255b2b4..d40d7325 100755 --- a/tests/unit/server_tests/test_endpoints_handler.py +++ b/tests/unit/server_tests/test_endpoints_handler.py @@ -143,4 +143,4 @@ def test_creds_no_auth_fails(self): ) }, ) - self.assertEqual(400, response.code) + self.assertEqual(406, response.code) diff --git a/tests/unit/server_tests/test_evaluation_plane_handler.py b/tests/unit/server_tests/test_evaluation_plane_handler.py index 34c4a38b..238fb585 100755 --- a/tests/unit/server_tests/test_evaluation_plane_handler.py +++ b/tests/unit/server_tests/test_evaluation_plane_handler.py @@ -285,7 +285,7 @@ def test_creds_no_auth_fails(self): ) }, ) - self.assertEqual(400, response.code) + self.assertEqual(406, response.code) class TestEvaluationPlainHandlerDisabled(AsyncHTTPTestCase): diff --git a/tests/unit/server_tests/test_service_info_handler.py b/tests/unit/server_tests/test_service_info_handler.py index 987eeae8..a763eb79 100644 --- a/tests/unit/server_tests/test_service_info_handler.py +++ b/tests/unit/server_tests/test_service_info_handler.py @@ -137,4 +137,4 @@ def test_given_server_with_no_auth_and_password_expect_correct_info_response(sel } response = self.fetch("/info", headers=header) - self.assertEqual(response.code, 400) + self.assertEqual(response.code, 406)