Non-JSON error thrown if API keys are invalid

[jyee]

When an invalid API key is used, the library doesn't return a standard JSON error and the error thrown never indicates that the reason is the key, only that the server's 403 response is invalid JSON.

For example:

from datadog import initialize, api

options = {
    'api_key': 'this is not a key',
    'app_key': 'this is not a key'
}

initialize(**options)

title = "Something big happened!"
text = 'And let me tell you all about it here!'

foo = api.Event.create(title=title, text=text)

Throws:

Traceback (most recent call last):
  File "test.py", line 14, in <module>
    foo = api.Event.create(title=title, text=text, tags=tags)
  File "/usr/local/lib/python2.7/site-packages/datadog/api/events.py", line 61, in create
    return super(Event, cls).create(attach_host_name=True, **params)
  File "/usr/local/lib/python2.7/site-packages/datadog/api/resources.py", line 46, in create
    attach_host_name=attach_host_name, **params)
  File "/usr/local/lib/python2.7/site-packages/datadog/api/api_client.py", line 143, in submit
    raise ValueError('Invalid JSON response: {0}'.format(content))
ValueError: Invalid JSON response: <html><body><h1>403 Forbidden</h1>
Request forbidden by administrative rules.
</body></html>

Is this a regression? The docs seem to indicate that a JSON error message (e.g. {errors: ['403 Forbidden']}) would be returned.

[dferrante]

i'd like the ability to set fake API keys on tiers that don't matter (and that i dont want to monitor) and just have datadog requests quietly fail. it would be nice if this was passed through if _mute before raise ValueError

[yannmh]

The API key is rejected upstream in the pipeline because it doesn't follow the "right" format (32 alphanumerical characters). This is a problem, and we'll work on a fix to avoid that.

In the meantime, providing 32 characters secrets,

options = {
    'api_key': 'a'*32,
    'app_key': 'b'*32
}

lead to the expected error:

{errors: ['403 Forbidden']}

[dferrante]

sounds good, ill try that, thanks @yannmh

[dferrante]

@yannmh it seems as if api_key='x'*32, app_key='y'*32 is a valid key? when i use it i get valid data returned:

In [9]: datadog.initialize(api_key='a'*32, app_key='b'*32)

In [10]: datadog.api.Event.create(title='test', text='text')
Out[10]: 
{'event': {'date_happened': 1477940399,
  'handle': None,
  'id': 785596678979159314,
  'priority': None,
  'related_event_id': None,
  'tags': None,
  'text': 'text',
  'title': 'test',
  'url': 'https://app.datadoghq.com/event/event?id=785596678979159314'},
 'status': 'ok'}

but when i change it to x's and y's i get the same error as before:

In [11]: datadog.initialize(api_key='x'*32, app_key='y'*32)

In [12]: datadog.api.Event.create(title='test', text='text')
---------------------------------------------------------------------------
ValueError                                Traceback (most recent call last)
<ipython-input-12-a721bfbdf80c> in <module>()
----> 1 datadog.api.Event.create(title='test', text='text')

/home/mach5/Documents/test/ddtest/local/lib/python2.7/site-packages/datadog/api/events.pyc in create(cls, **params)
     59         >>> api.Event.create(title=title, text=text, tags=tags)
     60         """
---> 61         return super(Event, cls).create(attach_host_name=True, **params)
     62 
     63     @classmethod

/home/mach5/Documents/test/ddtest/local/lib/python2.7/site-packages/datadog/api/resources.pyc in create(cls, attach_host_name, method, id, params, **body)
     38         if id is None:
     39             return APIClient.submit('POST', cls._class_url, body,
---> 40                                     attach_host_name=attach_host_name, **params)
     41         else:
     42             return APIClient.submit('POST', cls._class_url + "/" + str(id), body,

/home/mach5/Documents/test/ddtest/local/lib/python2.7/site-packages/datadog/api/api_client.pyc in submit(cls, method, path, body, attach_host_name, response_formatter, error_formatter, **params)
    141                         response_obj = json.loads(content)
    142                 except ValueError:
--> 143                     raise ValueError('Invalid JSON response: {0}'.format(content))
    144 
    145                 if response_obj and 'errors' in response_obj:

ValueError: Invalid JSON response: <html><body><h1>403 Forbidden</h1>
Request forbidden by administrative rules.
</body></html>

[github-actions]

Thanks for your contribution!

This issue has been automatically marked as stale because it has not had activity in the last 30 days. Note that the issue will not be automatically closed, but this notification will remind us to investigate why there's been inactivity. Thank you for participating in the Datadog open source community.

If you would like this issue to remain open:

1. Verify that you can still reproduce the issue in the latest version of this project.

2. Comment that the issue is still reproducible and include updated details requested in the issue template.

[badouralix]

Quick headsup, the ValueError only triggers on the subset of invalid credentials described above. We are currently working on a fix for this.

Note that once the fix is deployed, response validation will still be required, as it might contain errors as per https://docs.datadoghq.com/api/?lang=python#success-and-errors

[jvanbrunschot]

We fixed the issue. We used the same code as @jyee and this will now return:

{"status": "error", "code": 403, "errors": ["Forbidden"], "statuspage": "http://status.datadoghq.com", "twitter": "http://twitter.com/datadogops", "email": "support@datadoghq.com"}