Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

token auth does not handle a case of vault_file being a directory #152

Closed
briantist opened this issue Oct 7, 2021 · 1 comment · Fixed by #154
Closed

token auth does not handle a case of vault_file being a directory #152

briantist opened this issue Oct 7, 2021 · 1 comment · Fixed by #154
Assignees
@briantist
Labels
bug Something isn't working
Milestone
v1.4.0

Comments

@briantist
Copy link
Collaborator

briantist commented Oct 7, 2021
edited

SUMMARY

Will need to do a little more testing/evaluation, but it appears that there are two issues:

  1. When token auth validation happens, and it looks for the token from disk (via token_path and token_file), if the token_file exists and is a directory, that condition is not properly handled and it raises an exception.
  2. The above seems to occur even when auth_method != token; which shouldn't be the case.

Will confirm both cases and post a PR to fix.

ISSUE TYPE
  • Bug Report
COMPONENT NAME

module_utils/auth_methods

ANSIBLE VERSION

N/A

COLLECTION VERSION

1.3.2

CONFIGURATION

N/A

OS / ENVIRONMENT

N/A

STEPS TO REPRODUCE



EXPECTED RESULTS



ACTUAL RESULTS







      		
    

      
  





        


            

              
            

        

      


      
    








      

    



      

  
            

    

      
    

    


      

          @briantist
briantist




          added
  the 

  bug

  Something isn't working
 label


      Oct 7, 2021

    

  



    

    

      
    

    


      

          @briantist
briantist




              self-assigned this


      Oct 7, 2021

    

  



    

    

      
    

    


      

          @briantist
briantist




          added this to the   v1.4.0 milestone


      Oct 11, 2021

    

  



  


  
    
  
  

    
  briantist 

      added a commit
        to briantist/community.hashi_vault
      that referenced
      this issue

    
      Oct 11, 2021
    
    

      


  

    

      


  

      
        @briantist
  





      

        
          add unit test that catches ansible-collections#152
        


      


      

          

    
    
    

  

      


      

      


      
      

        
          59d145f
        
      

    

  




    

  









      

  
      



  

  @briantist





  


    

      

  

    

        
    
    

  


      
          
  
      
            Copy link

  

      
    

  


  

      

      

  
    Collaborator


      

  Author


  


  

    

  





      


        


  
    

      
          
I was not able to confirm the second point; that the issue occurs when auth_method != token. For me, that didn't seem to happen. That also matches the expectations of the code as written; can't find a way where that could have been the case.


I think something in my local environment where this popped up was obfuscating the fact that token auth was selected for.


However the main issue, which ultimately is an unhandled exception, is confirmed. If that code path is reached, it's already the last resort, and would have raised an exception anyway, it's just the wrong one.

      		
    

  





        


            

              
            

        

      


      

            
  

    
  
  

  

  



    












      

  
          

  

    
  


  

      

    @briantist
briantist



    mentioned this issue
    
      Oct 11, 2021
    





  


  

      
   Merged

  







  




    

    

      
    

    


      

          @briantist
briantist




        changed the title
vault_path is evaluated on non-token auth, and does not handle a case of vault_file being a directory

token auth does not handle a case of vault_file being a directory


      Oct 11, 2021

    

  



    

    


  


  
    
  
  

    
  briantist 

      added a commit
      that referenced
      this issue

    
      Oct 12, 2021
    
    

      


  

    

      


  

      
        @briantist
      
        @felixfontein
  





      

        
          token auth - unhandled exception when token_file is a directory (#154)
        

          
            
          

      


      

          

    
    
    

  

    


      


      

      


      
      

        
          a7c2a19
        
      

    

  

    

      
* add unit test that catches #152

* token_file must be a file

* add changelog fragment for #154

* Give a better error message

* Update plugins/module_utils/_auth_method_token.py

Co-authored-by: Felix Fontein <felix@fontein.de>

Co-authored-by: Felix Fontein <felix@fontein.de>

    




    

  













  
  

    

      

  





  




  
  

              

  
    Sign up for free
    to join this conversation on GitHub.
    Already have an account?
    Sign in to comment


  



  






  
                  




    

  


      
  

    Assignees
  



        

      

        

  
    @briantist
  
    briantist
    

      








      


  


  

    Labels
  



    

      

    bug

  Something isn't working








      

  

    

        

    Projects
  


        




    None yet




  



      

  

    
  

    Milestone
  


      
    
  
    v1.4.0
  





    
      
          


  

    
      

        
    

    Development
  




            
Successfully merging a pull request may close this issue.





    


  
          
      token auth - unhandled exception when token_file is a directory

    
      briantist/community.hashi_vault
    





    
  




        
      

    

  
      

  

    

      1 participant
    

    

        
          @briantist