From 143effcd153d74d0c99ed4e51f4edbb1701e6846 Mon Sep 17 00:00:00 2001
From: Matt Jia <mjia@redhat.com>
Date: Tue, 21 Feb 2017 11:03:25 +1000
Subject: [PATCH] Error out if OIDC_CLIENT_SECRETS is not set in server config

---
 module_build_service/auth.py | 3 +--
 tests/test_auth.py           | 5 +++++
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/module_build_service/auth.py b/module_build_service/auth.py
index 5066b760..0228c7bd 100644
--- a/module_build_service/auth.py
+++ b/module_build_service/auth.py
@@ -44,8 +44,7 @@ def _load_secrets():
         return
 
     if not "OIDC_CLIENT_SECRETS" in app.config:
-        log.warn("To support authorization, OIDC_CLIENT_SECRETS has to be set.")
-        return
+        raise Unauthorized("OIDC_CLIENT_SECRETS must be set in server config.")
 
     secrets = _json_loads(open(app.config['OIDC_CLIENT_SECRETS'],
                                 'r').read())
diff --git a/tests/test_auth.py b/tests/test_auth.py
index e8652d7c..3a6258c4 100644
--- a/tests/test_auth.py
+++ b/tests/test_auth.py
@@ -67,3 +67,8 @@ class TestAuthModule(unittest.TestCase):
         with patch.dict('module_build_service.app.config', {'NO_AUTH': True}, clear=True):
             request = mock.MagicMock()
             eq_(module_build_service.auth.get_user(request), None)
+
+    @raises(module_build_service.errors.Unauthorized)
+    def test_misconfiguring_oidc_client_secrets_should_be_failed(self):
+        request = mock.MagicMock()
+        module_build_service.auth.get_user(request)