dont use raise_for_status

use the webob abort method for http errors

Change-Id: Ie56c8197cdee7b522da9d9f91e6314a5cbb30dc5

vitrage/middleware/keycloak.py

@@ -20,6 +20,7 @@ from oslo_config import cfg
 from oslo_log import log as logging
 from oslo_middleware import base
 from oslo_serialization import jsonutils
+from pecan.core import abort
 from six.moves import urllib
 from webob import exc
 
@@ -108,7 +109,9 @@ class KeycloakAuth(base.ConfigurableMiddleware):
             else None
         resp = requests.get(endpoint, headers=headers,
                             verify=verify, cert=cert)
-        resp.raise_for_status()
+
+        if not resp.ok:
+            abort(resp.status_code, resp.reason)
 
     def _set_req_headers(self, req):
         req.headers['X-Identity-Status'] = 'Confirmed'

vitrage/tests/functional/api/v1/test_keycloak.py

@@ -17,12 +17,10 @@
 # noinspection PyPackageRequirements
 from datetime import datetime
 from mock import mock
-import requests
 import requests_mock
-from webtest import TestRequest
-
 from vitrage.middleware.keycloak import KeycloakAuth
 from vitrage.tests.functional.api.v1 import FunctionalTest
+from webtest import TestRequest
 
 
 TOKEN = {
@@ -112,12 +110,12 @@ class KeycloakTest(FunctionalTest):
             reason='Access token is invalid'
         )
 
-        self.assertRaises(requests.exceptions.HTTPError,
-                          self.post_json,
-                          '/topology/',
-                          params=None,
-                          headers=HEADERS,
-                          expect_errors=True)
+        resp = self.post_json('/topology/',
+                              params=None,
+                              headers=HEADERS,
+                              expect_errors=True)
+
+        self.assertEqual('401 Unauthorized', resp.status)
 
     @mock.patch('jwt.decode', return_value=TOKEN)
     @requests_mock.Mocker()