CP-40651 Validate the login username and provide friendly error messa…

…ge - update exception data format Signed-off-by: Lunfan Zhang <[email protected]>
LunfanZhang · Aug 14, 2023 · 8e3398c · 8e3398c
1 parent c181304
commit 8e3398c
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 2 deletions.
diff --git a/ocaml/tests/test_session.ml b/ocaml/tests/test_session.ml
@@ -6,10 +6,17 @@ let future = Date.of_string "2020-09-22T15:03:13Z"
 
 let fail_login ~__context ~uname ~originator ~now () =
   try
+    let user_name = Option.get uname in
     Xapi_session._record_login_failure ~__context ~now ~uname ~originator
       ~record:`log_and_alert (fun () ->
         if Random.bool () then
-          raise Api_errors.(Server_error (session_authentication_failed, [uname, "Authentication failed"]))
+          raise
+            Api_errors.(
+              Server_error
+                ( session_authentication_failed
+                , [user_name; "Authentication failed"]
+                )
+            )
         else
           raise (Auth_signature.Auth_failure "Auth failure")
     )

diff --git a/ocaml/xapi/xapi_http.ml b/ocaml/xapi/xapi_http.ml
@@ -261,7 +261,11 @@ let with_context ?(dummy = false) label (req : Request.t) (s : Unix.file_descr)
   with Http.Unauthorised _ as e ->
     let fail __context =
       TaskHelper.failed ~__context
-        (Api_errors.Server_error (Api_errors.session_authentication_failed, [uname, "Authentication required to access the resource"]))
+        (Api_errors.Server_error
+           ( Api_errors.session_authentication_failed
+           , [""; "Authentication required to access the resource"]
+           )
+        )
     in
     debug
       "No authentication provided to http handler: returning 401 unauthorised" ;