grpc
/
grpc-java
mirror of https://github.com/grpc/grpc-java.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

alts: change errr status to permission deny if alts context not found (#6562)

This commit is contained in:
Jiangtao Li 2019-12-27 12:41:51 -08:00 committed by GitHub
parent f07b79b11d
commit d82140cdbc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
alts/src/main/java/io/grpc/alts/AuthorizationUtil.java
View File

@ -37,7 +37,7 @@ public final class AuthorizationUtil {
AltsAuthContext altsContext =
(AltsAuthContext) call.getAttributes().get(AltsProtocolNegotiator.AUTH_CONTEXT_KEY);
if (altsContext == null) {
return Status.NOT_FOUND.withDescription("Peer ALTS AuthContext not found");
return Status.PERMISSION_DENIED.withDescription("Peer ALTS AuthContext not found");
}
if (expectedServiceAccounts.contains(altsContext.getPeerServiceAccount())) {
return Status.OK;

2
alts/src/test/java/io/grpc/alts/AuthorizationUtilTest.java
View File

@ -42,7 +42,7 @@ public final class AuthorizationUtilTest {
Status status =
AuthorizationUtil.clientAuthorizationCheck(
new FakeServerCall(null), Lists.newArrayList("Alice"));
assertThat(status.getCode()).isEqualTo(Status.Code.NOT_FOUND);
assertThat(status.getCode()).isEqualTo(Status.Code.PERMISSION_DENIED);
assertThat(status.getDescription()).startsWith("Peer ALTS AuthContext not found");
status =
AuthorizationUtil.clientAuthorizationCheck(