From fe6daf53122dcab33a93fbdb76c65dd8ea30a345 Mon Sep 17 00:00:00 2001
From: Eyal <eyal.bar-ilan@nokia.com>
Date: Mon, 16 Oct 2017 10:49:09 +0300
Subject: [PATCH] dont use raise_for_status

use the webob abort method for http errors

Change-Id: Ie56c8197cdee7b522da9d9f91e6314a5cbb30dc5
---
 vitrage/middleware/keycloak.py                   |  5 ++++-
 vitrage/tests/functional/api/v1/test_keycloak.py | 16 +++++++---------
 2 files changed, 11 insertions(+), 10 deletions(-)

diff --git a/vitrage/middleware/keycloak.py b/vitrage/middleware/keycloak.py
index 9d9133afb..60cf01627 100644
--- a/vitrage/middleware/keycloak.py
+++ b/vitrage/middleware/keycloak.py
@@ -20,6 +20,7 @@ from oslo_config import cfg
 from oslo_log import log as logging
 from oslo_middleware import base
 from oslo_serialization import jsonutils
+from pecan.core import abort
 from six.moves import urllib
 from webob import exc
 
@@ -108,7 +109,9 @@ class KeycloakAuth(base.ConfigurableMiddleware):
             else None
         resp = requests.get(endpoint, headers=headers,
                             verify=verify, cert=cert)
-        resp.raise_for_status()
+
+        if not resp.ok:
+            abort(resp.status_code, resp.reason)
 
     def _set_req_headers(self, req):
         req.headers['X-Identity-Status'] = 'Confirmed'
diff --git a/vitrage/tests/functional/api/v1/test_keycloak.py b/vitrage/tests/functional/api/v1/test_keycloak.py
index 47587b51d..4ea1bf304 100644
--- a/vitrage/tests/functional/api/v1/test_keycloak.py
+++ b/vitrage/tests/functional/api/v1/test_keycloak.py
@@ -17,12 +17,10 @@
 # noinspection PyPackageRequirements
 from datetime import datetime
 from mock import mock
-import requests
 import requests_mock
-from webtest import TestRequest
-
 from vitrage.middleware.keycloak import KeycloakAuth
 from vitrage.tests.functional.api.v1 import FunctionalTest
+from webtest import TestRequest
 
 
 TOKEN = {
@@ -112,12 +110,12 @@ class KeycloakTest(FunctionalTest):
             reason='Access token is invalid'
         )
 
-        self.assertRaises(requests.exceptions.HTTPError,
-                          self.post_json,
-                          '/topology/',
-                          params=None,
-                          headers=HEADERS,
-                          expect_errors=True)
+        resp = self.post_json('/topology/',
+                              params=None,
+                              headers=HEADERS,
+                              expect_errors=True)
+
+        self.assertEqual('401 Unauthorized', resp.status)
 
     @mock.patch('jwt.decode', return_value=TOKEN)
     @requests_mock.Mocker()