Fixed null token panic from 'v1/auth/token/' endpoints and returned p… (#13233)

* Fixed null token panic from 'v1/auth/token/' endpoints and returned proper error response * added changelog entry for PR #13233 * changed error message from 'bad token' to 'null token' * rebased off of main * Revert "changed error message from 'bad token' to 'null token'" This reverts commit 381ed9b32c5ddd5e47adb1643ef7e46fb768bc76. * changed 'bad token' error message to 'invalid token' after revert * remove unnecessary vault-data folder
2021-12-21 09:46:56 -08:00 · 2021-12-21 09:46:56 -08:00 · e0ac921b8f
parent f574e75f11
commit e0ac921b8f
3 changed files with 7 additions and 2 deletions
--- a/api/auth_token.go
+++ b/api/auth_token.go
@ -1,6 +1,8 @@
 package api

-import "context"
+import (
+	"context"
+)

 // TokenAuth is used to perform token backend operations on Vault
 type TokenAuth struct {
--- a/changelog/13233.txt
+++ b/changelog/13233.txt
@ -0,0 +1,3 @@
+```release-note:bug
+core/token: Fix null token panic from 'v1/auth/token/' endpoints and return proper error response.
+```
--- a/vault/request_handling.go
+++ b/vault/request_handling.go
@ -553,7 +553,7 @@ func (c *Core) handleCancelableRequest(ctx context.Context, req *logical.Request
 				break
 			}
 			if token == nil {
-				return logical.ErrorResponse("bad token"), logical.ErrPermissionDenied
+				return logical.ErrorResponse("invalid token"), logical.ErrPermissionDenied
 			}
 			_, nsID := namespace.SplitIDFromString(token.(string))
 			if nsID != "" {