From 905100a189f1ac43540f9f79814368f9b8d20fd1 Mon Sep 17 00:00:00 2001 From: Sergio Oller Date: Fri, 8 Jan 2021 17:28:22 +0100 Subject: [PATCH] Disambiguate Supervisor HTTPUnauthorized on user/password validation (#44940) * Disambiguate HTTPUnauthorized on user/password validation The HA core API usually returns 401 when the request does not have proper authentication tokens or they have expired. However the user/password validation endpoint may also return 401 when the given user/password is invalid. The supervisor is currently unable to distinguish both scenarios, and it needs to. See https://github.com/home-assistant/supervisor/issues/2408 * Return 404 if user& password are not found/valid * Fix test for invalid user/password --- homeassistant/components/hassio/auth.py | 2 +- tests/components/hassio/test_auth.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/homeassistant/components/hassio/auth.py b/homeassistant/components/hassio/auth.py index 23b91ac40bc..a1c032fe0fe 100644 --- a/homeassistant/components/hassio/auth.py +++ b/homeassistant/components/hassio/auth.py @@ -82,7 +82,7 @@ class HassIOAuth(HassIOBaseAuth): data[ATTR_USERNAME], data[ATTR_PASSWORD] ) except auth_ha.InvalidAuth: - raise HTTPUnauthorized() from None + raise HTTPNotFound() from None return web.Response(status=HTTP_OK) diff --git a/tests/components/hassio/test_auth.py b/tests/components/hassio/test_auth.py index 5f27c06a190..a533d468069 100644 --- a/tests/components/hassio/test_auth.py +++ b/tests/components/hassio/test_auth.py @@ -66,7 +66,7 @@ async def test_login_error(hass, hassio_client_supervisor): ) # Check we got right response - assert resp.status == 401 + assert resp.status == 404 mock_login.assert_called_with("test", "123456")