node-proxy: re-auth and retry once on 401

This commit makes node-proxy clear the session, call login() and retry
the request when a 401 http error is caught.

Fixes: https://tracker.ceph.com/issues/74749
Signed-off-by: Guillaume Abrioux <gabrioux@ibm.com>

diff --git a/src/ceph-node-proxy/ceph_node_proxy/redfish.py b/src/ceph-node-proxy/ceph_node_proxy/redfish.py
index 69ad1b4723a848b578743203ccc801c278d8c3e0..02a1f698e154a3328e9e16c15a0c2314e8a650c5 100644 (file)
--- a/src/ceph-node-proxy/ceph_node_proxy/redfish.py
+++ b/src/ceph-node-proxy/ceph_node_proxy/redfish.py
@@ -123,7 +123,9 @@ class Endpoint:
         except KeyError as e:
             self.log.error(f"KeyError while querying {url}: {e}")
         except HTTPError as e:
-            self.log.error(f"HTTP error while querying {url} - {e.code} - {e.reason}")
+            self.log.error(
+                f"HTTP error while querying {url} - {e.code} - {e.reason}"
+            )
         except json.JSONDecodeError as e:
             self.log.error(f"JSON decode error while querying {url}: {e}")
         except Exception as e:

diff --git a/src/ceph-node-proxy/ceph_node_proxy/redfish_client.py b/src/ceph-node-proxy/ceph_node_proxy/redfish_client.py
index e76d841c9bb998ef03c1c193c6f54883af182a74..652d2dd832b09676cb045c6c41079655db802bfc 100644 (file)
--- a/src/ceph-node-proxy/ceph_node_proxy/redfish_client.py
+++ b/src/ceph-node-proxy/ceph_node_proxy/redfish_client.py
@@ -123,23 +123,35 @@ class RedFishClient(BaseClient):
         endpoint: str = "",
         timeout: int = 10,
     ) -> Tuple[HTTPMessage, str, int]:
-        _headers = headers.copy() if headers else {}
-        if self.token:
-            _headers["X-Auth-Token"] = self.token
-        if not _headers.get("Content-Type") and method in ["POST", "PUT", "PATCH"]:
-            _headers["Content-Type"] = "application/json"
-        try:
-            response_headers, response_str, response_status = http_req(
+        def req_headers() -> Dict[str, str]:
+            h = headers.copy() if headers else {}
+            if self.token:
+                h["X-Auth-Token"] = self.token
+            if not h.get("Content-Type") and method in ["POST", "PUT", "PATCH"]:
+                h["Content-Type"] = "application/json"
+            return h
+
+        def do_req(h: Dict[str, str]) -> Tuple[HTTPMessage, str, int]:
+            return http_req(
                 hostname=self.host,
                 port=self.port,
                 endpoint=endpoint,
-                headers=_headers,
+                headers=h,
                 method=method,
                 data=data,
                 timeout=timeout,
             )
 
-            return response_headers, response_str, response_status
+        try:
+            return do_req(req_headers())
         except (HTTPError, URLError) as e:
+            if isinstance(e, HTTPError) and e.code == 401:
+                self.log.warning(
+                    f"Got 401 from {endpoint}, re-authenticating and retrying once"
+                )
+                self.token = ""
+                self.location = ""
+                self.login()
+                return do_req(req_headers())
             self.log.debug(f"endpoint={endpoint} err={e}")
             raise