fix(jwk): missing auth header correctly returns 401 error

Author: asimurka

src/authentication/jwk_token.py

@@ -16,7 +16,7 @@
 from cachetools import TTLCache
 from fastapi import HTTPException, Request
 
-from authentication.interface import NO_AUTH_TUPLE, AuthInterface, AuthTuple
+from authentication.interface import AuthInterface, AuthTuple
 from authentication.utils import extract_user_token
 from constants import (
     DEFAULT_VIRTUAL_PATH,
@@ -180,7 +180,8 @@ async def __call__(self, request: Request) -> AuthTuple:
             Authorization header is present.
         """
         if not request.headers.get("Authorization"):
-            return NO_AUTH_TUPLE
+            response = UnauthorizedResponse(cause="No Authorization header found")
+            raise HTTPException(**response.model_dump())
 
         user_token = extract_user_token(request.headers)
 

tests/e2e/features/rbac.feature

@@ -12,14 +12,20 @@ Feature: Role-Based Access Control (RBAC)
   # Authentication - Token Validation
   # ============================================
 
-  #https://issues.redhat.com/browse/LCORE-1210
-  @skip
   Scenario: Request without token returns 401
     Given The system is in default state
       And I remove the auth header
      When I access REST API endpoint "models" using HTTP GET method
      Then The status code of the response is 401
-      And The body of the response contains Missing or invalid credentials
+     And The body of the response is the following
+        """
+        {
+              "detail": {
+                  "response": "Missing or invalid credentials provided by client",
+                  "cause": "No Authorization header found"
+                }     
+        }
+        """
 
   Scenario: Request with malformed Authorization header returns 401
     Given The system is in default state

tests/unit/authentication/test_jwk_token.py

@@ -13,7 +13,6 @@
 from authlib.jose import JsonWebKey, JsonWebToken
 
 from authentication.jwk_token import JwkTokenAuthDependency, _jwk_cache
-from constants import DEFAULT_USER_NAME, DEFAULT_USER_UID, NO_USER_TOKEN
 from models.config import JwkConfiguration, JwtConfiguration
 
 TEST_USER_ID = "test-user-123"
@@ -435,19 +434,16 @@ async def test_no_auth_header(
     mocked_signing_keys_server: Any,
     no_token_request: Request,
 ) -> None:
-    """Test with no Authorization header."""
+    """Test with no Authorization header returns 401 Unauthorized."""
     _ = mocked_signing_keys_server
 
     dependency = JwkTokenAuthDependency(default_jwk_configuration)
 
-    user_id, username, skip_userid_check, token_claims = await dependency(
-        no_token_request
-    )
+    with pytest.raises(HTTPException) as exc_info:
+        await dependency(no_token_request)
 
-    assert user_id == DEFAULT_USER_UID
-    assert username == DEFAULT_USER_NAME
-    assert skip_userid_check is True
-    assert token_claims == NO_USER_TOKEN
+    assert exc_info.value.status_code == 401
+    assert "No Authorization header found" in str(exc_info.value.detail)
 
 
 async def test_no_bearer(