diff options
author | David Pursehouse <david.pursehouse@gmail.com> | 2017-01-13 10:08:29 +0900 |
---|---|---|
committer | David Pursehouse <david.pursehouse@gmail.com> | 2017-01-13 10:46:15 +0900 |
commit | 7245aa031621c4c8d3fd9892ecbc9ded6f0e7283 (patch) | |
tree | bf005b54cfa4133a1e09d409de63ba2cecd6f8e9 /org.eclipse.jgit.lfs.server/src | |
parent | 0e187f14843f1e1c73bfe6e80e91fdf03ae96067 (diff) | |
download | jgit-7245aa031621c4c8d3fd9892ecbc9ded6f0e7283.tar.gz jgit-7245aa031621c4c8d3fd9892ecbc9ded6f0e7283.zip |
Add support for refusing LFS request due to invalid authorization
Add a new exception type that server implementations can throw when a
client attempts to make an unauthorized LFS operation, which will result
in HTTP 401 Unauthorized being returned to the client.
An example of this is a Gerrit server that rejects a request to perform
an LFS operation on a ref that is not visible to the caller.
As defined in the LFS spec [1] the request may include authentication,
and per RFC 2616 [2], "401 response indicates that authorization has been
refused for those credentials".
[1] https://github.com/git-lfs/git-lfs/blob/master/docs/api/batch.md
[2] https://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html
Change-Id: I2aa22e2144df5fb7972df0e3285b77b08ecc63f2
Signed-off-by: David Pursehouse <david.pursehouse@gmail.com>
Diffstat (limited to 'org.eclipse.jgit.lfs.server/src')
-rw-r--r-- | org.eclipse.jgit.lfs.server/src/org/eclipse/jgit/lfs/server/LfsProtocolServlet.java | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/org.eclipse.jgit.lfs.server/src/org/eclipse/jgit/lfs/server/LfsProtocolServlet.java b/org.eclipse.jgit.lfs.server/src/org/eclipse/jgit/lfs/server/LfsProtocolServlet.java index 841074beeb..0dffb8df0b 100644 --- a/org.eclipse.jgit.lfs.server/src/org/eclipse/jgit/lfs/server/LfsProtocolServlet.java +++ b/org.eclipse.jgit.lfs.server/src/org/eclipse/jgit/lfs/server/LfsProtocolServlet.java @@ -49,6 +49,7 @@ import static org.apache.http.HttpStatus.SC_INTERNAL_SERVER_ERROR; import static org.apache.http.HttpStatus.SC_NOT_FOUND; import static org.apache.http.HttpStatus.SC_OK; import static org.apache.http.HttpStatus.SC_SERVICE_UNAVAILABLE; +import static org.apache.http.HttpStatus.SC_UNAUTHORIZED; import static org.apache.http.HttpStatus.SC_UNPROCESSABLE_ENTITY; import java.io.BufferedReader; @@ -71,6 +72,7 @@ import org.eclipse.jgit.lfs.errors.LfsInsufficientStorage; import org.eclipse.jgit.lfs.errors.LfsRateLimitExceeded; import org.eclipse.jgit.lfs.errors.LfsRepositoryNotFound; import org.eclipse.jgit.lfs.errors.LfsRepositoryReadOnly; +import org.eclipse.jgit.lfs.errors.LfsUnauthorized; import org.eclipse.jgit.lfs.errors.LfsUnavailable; import org.eclipse.jgit.lfs.errors.LfsValidationError; @@ -201,6 +203,8 @@ public abstract class LfsProtocolServlet extends HttpServlet { sendError(res, w, SC_INSUFFICIENT_STORAGE, e.getMessage()); } catch (LfsUnavailable e) { sendError(res, w, SC_SERVICE_UNAVAILABLE, e.getMessage()); + } catch (LfsUnauthorized e) { + sendError(res, w, SC_UNAUTHORIZED, e.getMessage()); } catch (LfsException e) { sendError(res, w, SC_INTERNAL_SERVER_ERROR, e.getMessage()); } finally { |