diff options
| -rw-r--r-- | keystone/service.py | 3 | ||||
| -rw-r--r-- | tests/test_service.py | 15 |
2 files changed, 18 insertions, 0 deletions
diff --git a/keystone/service.py b/keystone/service.py index fdc895cb..c5fe9633 100644 --- a/keystone/service.py +++ b/keystone/service.py @@ -285,6 +285,9 @@ class TokenController(wsgi.Application): Alternatively, this call accepts auth with only a token and tenant that will return a token that is scoped to that tenant. """ + if not auth: + raise exception.ValidationError(attribute='auth', + target='request body') if 'passwordCredentials' in auth: user_id = auth['passwordCredentials'].get('userId', None) diff --git a/tests/test_service.py b/tests/test_service.py index fc4e94de..979e9472 100644 --- a/tests/test_service.py +++ b/tests/test_service.py @@ -49,3 +49,18 @@ class TokenControllerTest(test.TestCase): 'tenantName': 'demo'} self.assertRaises(exception.ValidationError, self.api.authenticate, None, body_dict) + + def test_authenticate_blank_request_body(self): + """Verify sending empty json dict raises the right exception.""" + self.assertRaises(exception.ValidationError, self.api.authenticate, + None, {}) + + def test_authenticate_blank_auth(self): + """Verify sending blank 'auth' raises the right exception.""" + self.assertRaises(exception.ValidationError, self.api.authenticate, + None, {'auth': {}}) + + def test_authenticate_invalid_auth_content(self): + """Verify sending invalid 'auth' raises the right exception.""" + self.assertRaises(exception.ValidationError, self.api.authenticate, + None, {'auth': 'abcd'}) |