Test 401 condition

MarcialRosales · MarcialRosales · commit 6cd7bd7e4fa7 · 2025-07-16T08:44:55.000+02:00
diff --git a/deps/rabbitmq_management/test/introspect_http_handler.erl b/deps/rabbitmq_management/test/introspect_http_handler.erl
@@ -9,7 +9,7 @@ init(Req, State) ->
         {ok, KeyValues, _Req} -> 
             ct:log("introspect_http_handler responding with active token: ~p", [KeyValues]),
             case proplists:get_value(<<"token">>, KeyValues) of 
-                undefined -> 
+                <<"401">> -> 
                     {ok, cowboy_req:reply(401, #{}, [], Req), State};
                 <<"active">> -> 
                     Body = rabbit_json:encode([{"active", true}, {"scope", "rabbitmq.tag:administrator"}]),
diff --git a/deps/rabbitmq_management/test/rabbit_mgmt_wm_auth_SUITE.erl b/deps/rabbitmq_management/test/rabbit_mgmt_wm_auth_SUITE.erl
@@ -53,7 +53,8 @@ groups() ->
       {run_with_broker, [], [
         {verify_introspection_endpoint, [], [
           introspect_opaque_token_returns_active_jwt_token,
-          introspect_opaque_token_returns_inactive_jwt_token
+          introspect_opaque_token_returns_inactive_jwt_token,
+          introspect_opaque_token_returns_401_from_auth_server
         ]}        
       ]},
       {verify_multi_resource_and_provider, [], [
@@ -695,7 +696,8 @@ end_per_group(_, Config) ->
   Config.
 
 init_per_testcase(Testcase, Config) when Testcase =:= introspect_opaque_token_returns_active_jwt_token orelse
-                                         Testcase =:= introspect_opaque_token_returns_inactive_jwt_token ->
+                                         Testcase =:= introspect_opaque_token_returns_inactive_jwt_token orelse 
+                                         Testcase =:= introspect_opaque_token_returns_401_from_auth_server ->
   ok = rabbit_ct_broker_helpers:rpc(Config, 0, application, set_env,
     [rabbitmq_auth_backend_oauth2, introspection_endpoint,
       ?config(authorization_server_url, Config)]),
@@ -711,7 +713,8 @@ init_per_testcase(Testcase, Config) when Testcase =:= introspect_opaque_token_re
   rabbit_ct_helpers:testcase_started(Config, Testcase).
             
 end_per_testcase(Testcase, Config) when Testcase =:= introspect_opaque_token_returns_active_jwt_token orelse
-                                        Testcase =:= introspect_opaque_token_returns_inactive_jwt_token ->
+                                        Testcase =:= introspect_opaque_token_returns_inactive_jwt_token orelse 
+                                        Testcase =:= introspect_opaque_token_returns_401_from_auth_server ->
   ok = rabbit_ct_broker_helpers:rpc(Config, 0, application, unset_env,
     [rabbitmq_auth_backend_oauth2, introspection_endpoint]),
   ok = rabbit_ct_broker_helpers:rpc(Config, 0, application, unset_env,
@@ -957,6 +960,9 @@ introspect_opaque_token_returns_inactive_jwt_token(Config) ->
   ?assertEqual(<<"not_authorised">>, maps:get(<<"error">>, JSON)),
   ?assertEqual(<<"Introspected token is not active">>, maps:get(<<"reason">>, JSON)).
 
+introspect_opaque_token_returns_401_from_auth_server(Config) -> 
+  {ok, {{_HTTP, 401, _}, _Headers, _ResBody}} = req(Config, 0, post, "/auth/introspect", [
+    {"authorization", "bearer 401"}], []).
 
 
 %% -------------------------------------------------------------------
