Merge pull request #861 from mozilla-services/bug/860

bug: Limit exception trapping to known types when processing crypto-key
mozilla-services · Apr 4, 2017 · 64b42fc · 64b42fc
2 parents a03910d + 3576d20
commit 64b42fc
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 1 deletion.
diff --git a/autopush/tests/test_integration.py b/autopush/tests/test_integration.py
@@ -958,6 +958,18 @@ def test_basic_delivery_with_invalid_vapid(self):
             status=401)
         yield self.shut_down(client)
 
+    @inlineCallbacks
+    def test_basic_delivery_with_invalid_vapid_ckey(self):
+        data = str(uuid.uuid4())
+        client = yield self.quick_register(use_webpush=True)
+        vapid_info = _get_vapid()
+        vapid_info['crypto-key'] = "invalid|"
+        yield client.send_notification(
+            data=data,
+            vapid=vapid_info,
+            status=401)
+        yield self.shut_down(client)
+
     @inlineCallbacks
     def test_delivery_repeat_without_ack(self):
         data = str(uuid.uuid4())

diff --git a/autopush/web/webpush.py b/autopush/web/webpush.py
@@ -321,7 +321,7 @@ def validate_auth(self, d):
 
         try:
             jwt = extract_jwt(token, public_key)
-        except (ValueError, InvalidSignature, Exception):
+        except (ValueError, InvalidSignature, TypeError):
             raise InvalidRequest("Invalid Authorization Header",
                                  status_code=401, errno=109,
                                  headers={"www-authenticate": PREF_SCHEME})