From: Guillaume Abrioux <gabrioux@ibm.com>
Date: Wed, 11 Feb 2026 07:41:32 +0000 (+0100)
Subject: node-proxy: re-auth and retry once on 401
X-Git-Tag: testing/wip-vshankar-testing-20260219.125903~7^2~4
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=3eb664e5f7e4decba96c6566b6252ff0ecc523e3;p=ceph-ci.git

node-proxy: re-auth and retry once on 401

This commit makes node-proxy clear the session, call login() and retry
the request when a 401 http error is caught.

Fixes: https://tracker.ceph.com/issues/74749

Signed-off-by: Guillaume Abrioux <gabrioux@ibm.com>
---

diff --git a/src/ceph-node-proxy/ceph_node_proxy/redfish.py b/src/ceph-node-proxy/ceph_node_proxy/redfish.py
index 69ad1b4723a..02a1f698e15 100644
--- a/src/ceph-node-proxy/ceph_node_proxy/redfish.py
+++ b/src/ceph-node-proxy/ceph_node_proxy/redfish.py
@@ -123,7 +123,9 @@ class Endpoint:
         except KeyError as e:
             self.log.error(f"KeyError while querying {url}: {e}")
         except HTTPError as e:
-            self.log.error(f"HTTP error while querying {url} - {e.code} - {e.reason}")
+            self.log.error(
+                f"HTTP error while querying {url} - {e.code} - {e.reason}"
+            )
         except json.JSONDecodeError as e:
             self.log.error(f"JSON decode error while querying {url}: {e}")
         except Exception as e:
diff --git a/src/ceph-node-proxy/ceph_node_proxy/redfish_client.py b/src/ceph-node-proxy/ceph_node_proxy/redfish_client.py
index e76d841c9bb..652d2dd832b 100644
--- a/src/ceph-node-proxy/ceph_node_proxy/redfish_client.py
+++ b/src/ceph-node-proxy/ceph_node_proxy/redfish_client.py
@@ -123,23 +123,35 @@ class RedFishClient(BaseClient):
         endpoint: str = "",
         timeout: int = 10,
     ) -> Tuple[HTTPMessage, str, int]:
-        _headers = headers.copy() if headers else {}
-        if self.token:
-            _headers["X-Auth-Token"] = self.token
-        if not _headers.get("Content-Type") and method in ["POST", "PUT", "PATCH"]:
-            _headers["Content-Type"] = "application/json"
-        try:
-            response_headers, response_str, response_status = http_req(
+        def req_headers() -> Dict[str, str]:
+            h = headers.copy() if headers else {}
+            if self.token:
+                h["X-Auth-Token"] = self.token
+            if not h.get("Content-Type") and method in ["POST", "PUT", "PATCH"]:
+                h["Content-Type"] = "application/json"
+            return h
+
+        def do_req(h: Dict[str, str]) -> Tuple[HTTPMessage, str, int]:
+            return http_req(
                 hostname=self.host,
                 port=self.port,
                 endpoint=endpoint,
-                headers=_headers,
+                headers=h,
                 method=method,
                 data=data,
                 timeout=timeout,
             )
 
-            return response_headers, response_str, response_status
+        try:
+            return do_req(req_headers())
         except (HTTPError, URLError) as e:
+            if isinstance(e, HTTPError) and e.code == 401:
+                self.log.warning(
+                    f"Got 401 from {endpoint}, re-authenticating and retrying once"
+                )
+                self.token = ""
+                self.location = ""
+                self.login()
+                return do_req(req_headers())
             self.log.debug(f"endpoint={endpoint} err={e}")
             raise