From d05a5c646087877abe3819116cfc84ef9b053567 Mon Sep 17 00:00:00 2001 From: Rob Crittenden Date: Fri, 13 Apr 2012 15:19:32 -0400 Subject: Return consistent expiration message for forms-based login We need to inform users when a forms-based login fails due to the password needing to be reset. Currently there is no way to distinguish a reset case vs an incorrect password. This will bind the user using a simple LDAP bind over ldapi (by default) and if that is successful, check the expiration date against the current time. The UI portion of this that uses this message will come later. https://fedorahosted.org/freeipa/ticket/2608 --- tests/test_ipaserver/test_rpcserver.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'tests') diff --git a/tests/test_ipaserver/test_rpcserver.py b/tests/test_ipaserver/test_rpcserver.py index 96d4614a..230eef24 100644 --- a/tests/test_ipaserver/test_rpcserver.py +++ b/tests/test_ipaserver/test_rpcserver.py @@ -102,11 +102,12 @@ def test_unauthorized_error(): s = StartResponse() assert_equal( - f.unauthorized(None, s, 'unauthorized'), + f.unauthorized(None, s, 'unauthorized', 'password-expired'), [t % dict(message='unauthorized')] ) assert s.status == '401 Unauthorized' - assert s.headers == [('Content-Type', 'text/html; charset=utf-8')] + assert s.headers == [('Content-Type', 'text/html; charset=utf-8'), + ('X-IPA-Rejection-Reason', 'password-expired')] def test_params_2_args_options(): -- cgit