Skip to content

Commit

Permalink
Merge 7c1a834 into backport/missing-login-params/virtually-pleased-pa…
Browse files Browse the repository at this point in the history
…rrot
  • Loading branch information
hc-github-team-secure-vault-core authored Sep 23, 2024
2 parents 5a24dc0 + 7c1a834 commit 7d26818
Show file tree
Hide file tree
Showing 4 changed files with 6 additions and 3 deletions.
2 changes: 1 addition & 1 deletion builtin/credential/approle/path_login.go
Original file line number Diff line number Diff line change
Expand Up @@ -125,7 +125,7 @@ func (b *backend) pathLoginUpdate(ctx context.Context, req *logical.Request, dat
// RoleID must be supplied during every login
roleID := strings.TrimSpace(data.Get("role_id").(string))
if roleID == "" {
return logical.ErrorResponse("missing role_id"), nil
return nil, logical.ErrInvalidCredentials
}

// Look for the storage entry that maps the roleID to role
Expand Down
2 changes: 1 addition & 1 deletion builtin/credential/userpass/path_login.go
Original file line number Diff line number Diff line change
Expand Up @@ -67,7 +67,7 @@ func (b *backend) pathLogin(ctx context.Context, req *logical.Request, d *framew

password := d.Get("password").(string)
if password == "" {
return nil, fmt.Errorf("missing password")
return nil, logical.ErrInvalidCredentials
}

// Get the user and validate auth
Expand Down
3 changes: 3 additions & 0 deletions changelog/28441.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
auth: Updated error handling for missing login credentials in AppRole and UserPass auth methods to return a 400 error instead of a 500 error.
```
2 changes: 1 addition & 1 deletion vault/external_tests/delegated_auth/delegated_auth_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -327,7 +327,7 @@ func TestDelegatedAuth(t *testing.T) {
path: "login",
username: "allowed-est",
password: "",
errorContains: "missing password",
errorContains: "invalid credentials",
},
{
name: "bad-path-within-delegated-auth-error",
Expand Down

0 comments on commit 7d26818

Please sign in to comment.