Raise better exception based on token validation with server

csexton · csexton · commit e7a225edb70d · 2015-07-09T16:17:57.000-04:00
Having the token fail should not raise a request error, so capture a 401
response code and raise that as a specific TokenUnauthorized exception.
Other errors will raise a RequestError (or possibly some other one) but
that should be much more descriptive when troubleshooting errors.

Move `request_http_token_authentication` to the token module, since it
have more to do with tokens than it does with API.
diff --git a/lib/kracken/controllers/json_api_compatible.rb b/lib/kracken/controllers/json_api_compatible.rb
@@ -86,12 +86,6 @@ def self.included(base)
         end
       end
 
-      # NOTE: Monkey-patch until this is merged into the gem
-      def request_http_token_authentication(realm = 'Application')
-        headers["WWW-Authenticate"] = %(Token realm="#{realm.gsub(/"/, "")}")
-        raise TokenUnauthorized
-      end
-
       module DataIntegrity
         # Scan each item in the data root and enforce it has an id set.
         def enforce_resource_ids!
diff --git a/lib/kracken/controllers/token_authenticatable.rb b/lib/kracken/controllers/token_authenticatable.rb
@@ -10,19 +10,19 @@ def self.included(base)
         base.instance_exec do
           before_action :authenticate_user_with_token!
           helper_method :current_user
-
-          rescue_from Kracken::RequestError do |_|
-            # TODO: Handle other types of errors (such as if the server is down)
-            raise TokenUnauthorized,
-              "Invalid credentials"
-          end
         end
 
 
       end
 
       attr_reader :current_user
 
+      # NOTE: Monkey-patch until this is merged into the gem
+      def request_http_token_authentication(realm = 'Application')
+        headers["WWW-Authenticate"] = %(Token realm="#{realm.gsub(/"/, "")}")
+        raise TokenUnauthorized, "Invalid Credentials"
+      end
+
       private
 
       # `authenticate_or_request_with_http_token` is a nice Rails helper:
diff --git a/lib/kracken/credential_authenticator.rb b/lib/kracken/credential_authenticator.rb
@@ -10,6 +10,8 @@ def fetch(email, password)
       # An attempt to raise error when approprate:
       if response.status == 404
         nil
+      elsif response.status == 401
+        raise TokenUnauthorized, "Invalid credentials"
       elsif response.success?
         JSON.parse(response.body)
       else
diff --git a/lib/kracken/json_api/exception_wrapper.rb b/lib/kracken/json_api/exception_wrapper.rb
@@ -4,9 +4,9 @@ class ExceptionWrapper < ActionDispatch::ExceptionWrapper
       cattr_accessor :rescue_with_details_responses
       @@rescue_with_details_responses = Hash.new
       @@rescue_with_details_responses.merge!(
-        'Kracken::Controllers::ResourceNotFound' => :not_found,
-        'Kracken::Controllers::TokenUnauthorized' => :unauthorized,
-        'Kracken::Controllers::UnprocessableEntity' => :unprocessable_entity,
+        'Kracken::ResourceNotFound' => :not_found,
+        'Kracken::TokenUnauthorized' => :unauthorized,
+        'Kracken::UnprocessableEntity' => :unprocessable_entity,
       )
 
       def self.status_code_for_exception(class_name)
diff --git a/lib/kracken/token_authenticator.rb b/lib/kracken/token_authenticator.rb
@@ -10,6 +10,8 @@ def fetch(token)
       # An attempt to raise error when approprate:
       if response.status == 404
         nil
+      elsif response.status == 401
+        raise TokenUnauthorized, "Invalid credentials"
       elsif response.success?
         JSON.parse(response.body)
       else
@@ -22,5 +24,6 @@ def fetch(token)
     def connection
       @connection ||= Faraday.new(url: PROVIDER_URL)
     end
+
   end
 end
