Merge pull request #516 from tableau/dev_auth_not_required_error

Changing error code for AuthErrorStates.NotRequired to 406

Author: jakeichikawasalesforce

CHANGELOG

@@ -1,5 +1,16 @@
 # Changelog
 
+## v2.4.0
+
+### Improvements
+
+- Add toggle to turn off evaluate API.
+
+### Breaking changes
+
+- Changing error code to 406 when server not configured for authentication
+  but credentials are provided by client.
+
 ## v2.3.2
 
 ### Improvements

tabpy/VERSION

@@ -1 +1 @@
-2.3.2
+2.4.0

tabpy/tabpy_server/handlers/base_handler.py

@@ -421,7 +421,7 @@ def should_fail_with_auth_error(self):
 
     def fail_with_auth_error(self):
         """
-        Prepares server 401 response and server 400 response depending
+        Prepares server 401 response and server 406 response depending
         on the value of the self.auth_error flag
         """
         if self.auth_error == AuthErrorStates.NotAuthorized:
@@ -434,11 +434,11 @@ def fail_with_auth_error(self):
                 log_message="Invalid credentials provided.",
             )
         else:
-            self.logger.log(logging.ERROR, "Failing with 400 for Bad Request")
-            self.set_status(400)
+            self.logger.log(logging.ERROR, "Failing with 406 for Not Acceptable")
+            self.set_status(406)
             self.set_header("WWW-Authenticate", f'Basic realm="{self.tabpy_state.name}"')
             self.error_out(
-                400,
-                info="Bad request.",
-                log_message="Username or Password provided when authentication not available",
+                406,
+                info="Not Acceptable",
+                log_message="Username or password provided when authentication not available.",
             )

tests/unit/server_tests/test_endpoint_handler.py

@@ -161,4 +161,4 @@ def test_creds_no_auth_fails(self):
                 )
             },
         )
-        self.assertEqual(400, response.code)
+        self.assertEqual(406, response.code)

tests/unit/server_tests/test_endpoints_handler.py

@@ -143,4 +143,4 @@ def test_creds_no_auth_fails(self):
                 )
             },
         )
-        self.assertEqual(400, response.code)
+        self.assertEqual(406, response.code)

tests/unit/server_tests/test_evaluation_plane_handler.py

@@ -285,7 +285,7 @@ def test_creds_no_auth_fails(self):
                 )
             },
         )
-        self.assertEqual(400, response.code)
+        self.assertEqual(406, response.code)
 
 
 class TestEvaluationPlainHandlerDisabled(AsyncHTTPTestCase):

tests/unit/server_tests/test_service_info_handler.py

@@ -137,4 +137,4 @@ def test_given_server_with_no_auth_and_password_expect_correct_info_response(sel
         }
 
         response = self.fetch("/info", headers=header)
-        self.assertEqual(response.code, 400)
+        self.assertEqual(response.code, 406)