[MacCoss] Issue 50841: Include detail when basic auth password matches but does not meet complexity rules #5692

Open
4 tasks done
labkey-jeckels opened this issue Jul 17, 2024 · 1 comment · Fixed by #5683
labkey-jeckels commented Jul 17, 2024

Issue 50841

  • Dev work @labkey-adam
  • Fix automated tests @labkey-adam
  • Test Python client API @labkey-nicka
  • Test R client API @labkey-klum
    • Valid password which doesn't meet complexity requirements. Server log shows: failed to login: password does not meet the complexity requirements
    • However the client is just seeing this message "exception" : "User does not have permission to perform this operation.". Perhaps still throwing UnauthorizedException?

Test scenario:

  • Valid credentials
  • Bad credentials
  • Credentials that match the stored password but are expired
    -- Note the Database Authentication "expire every five seconds" option that makes testing this easy
  • Credentials that match the stored password but don't meet current complexity requirements
    -- Reduce complexity requirement
    -- Create user and set minimal password
    -- Raise complexity requirement
    -- Make API call with minimal credentials
    -- Verify response includes message about complexity rule and needing to change password
@labkey-nicka

The Python API processes responses based on HTTP status codes so it handles these cases as I'd expect. Verified valid credentials, bad credentials, stored password expires, and match but don't meet complexity requirements. All returned the message I expected.
