Use correct status codes for /query endpoint

max-svistunov · max-svistunov · commit 204a2a27ae78 · 2025-11-10T15:13:05.000+01:00
diff --git a/src/app/endpoints/query.py b/src/app/endpoints/query.py
@@ -471,6 +471,17 @@ def select_model_and_provider_id(
     Raises:
         HTTPException: If no suitable LLM model is found or the selected model is not available.
     """
+    # If no models are available, raise an exception
+    if not models:
+        message = "No LLM model found in available models"
+        logger.error(message)
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail={
+                "response": constants.UNABLE_TO_PROCESS_RESPONSE,
+                "cause": message,
+            },
+        )
     # If model_id and provider_id are provided in the request, use them
 
     # If model_id is not provided in the request, check the configuration
@@ -504,7 +515,7 @@ def select_model_and_provider_id(
             message = "No LLM model found in available models"
             logger.error(message)
             raise HTTPException(
-                status_code=status.HTTP_400_BAD_REQUEST,
+                status_code=status.HTTP_404_NOT_FOUND,
                 detail={
                     "response": constants.UNABLE_TO_PROCESS_RESPONSE,
                     "cause": message,
@@ -521,7 +532,7 @@ def select_model_and_provider_id(
         message = f"Model {model_id} from provider {provider_id} not found in available models"
         logger.error(message)
         raise HTTPException(
-            status_code=status.HTTP_400_BAD_REQUEST,
+            status_code=status.HTTP_404_NOT_FOUND,
             detail={
                 "response": constants.UNABLE_TO_PROCESS_RESPONSE,
                 "cause": message,
diff --git a/src/authentication/jwk_token.py b/src/authentication/jwk_token.py
@@ -142,12 +142,12 @@ async def __call__(self, request: Request) -> AuthTuple:
             ) from exc
         except DecodeError as exc:
             raise HTTPException(
-                status_code=status.HTTP_400_BAD_REQUEST,
+                status_code=status.HTTP_401_UNAUTHORIZED,
                 detail="Invalid token: decode error",
             ) from exc
         except JoseError as exc:
             raise HTTPException(
-                status_code=status.HTTP_400_BAD_REQUEST,
+                status_code=status.HTTP_401_UNAUTHORIZED,
                 detail="Invalid token: unknown error",
             ) from exc
         except Exception as exc:
diff --git a/src/authentication/utils.py b/src/authentication/utils.py
@@ -15,12 +15,12 @@ def extract_user_token(headers: Headers) -> str:
     """
     authorization_header = headers.get("Authorization")
     if not authorization_header:
-        raise HTTPException(status_code=400, detail="No Authorization header found")
+        raise HTTPException(status_code=401, detail="No Authorization header found")
 
     scheme_and_token = authorization_header.strip().split()
     if len(scheme_and_token) != 2 or scheme_and_token[0].lower() != "bearer":
         raise HTTPException(
-            status_code=400, detail="No token found in Authorization header"
+            status_code=401, detail="No token found in Authorization header"
         )
 
     return scheme_and_token[1]
diff --git a/tests/e2e/features/environment.py b/tests/e2e/features/environment.py
@@ -78,6 +78,8 @@ def before_scenario(context: Context, scenario: Scenario) -> None:
         context.scenario_config = (
             "tests/e2e/configuration/lightspeed-stack-invalid-feedback-storage.yaml"
         )
+    if "no_models" in scenario.effective_tags:
+        context.scenario_config = "tests/e2e/config/no-models-run.yaml"
 
 
 def after_scenario(context: Context, scenario: Scenario) -> None:
diff --git a/tests/e2e/features/query.feature b/tests/e2e/features/query.feature
@@ -53,12 +53,36 @@ Feature: Query endpoint API tests
      """
      {"query": "Write a simple code for reversing string"}
      """
-      Then The status code of the response is 400
+      Then The status code of the response is 401
       And The body of the response is the following
           """
           {"detail": "No Authorization header found"}
           """
 
+  Scenario: Check if LLM responds to sent question with error when not authenticated with invalid token
+    Given The system is in default state
+    And I set the Authorization header to Bearer invalid
+    When I use "query" to ask question with authorization header
+     """
+     {"query": "Write a simple code for reversing string"}
+     """
+      Then The status code of the response is 401
+      And The body of the response is the following
+          """
+          {"detail":"Invalid token: decode error"}
+          """
+
+  Scenario: Check if LLM responds to sent question with error when model does not exist
+    Given The system is in default state
+    And I set the Authorization header to Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6Ikpva
+    When I use "query" to ask question with authorization header
+     """
+     {"query": "Write a simple code for reversing string", "model": "does-not-exist", "provider": "does-not-exist"}
+     """
+      Then The status code of the response is 404
+      And The body of the response contains Model does-not-exist from provider does-not-exist not found in available models
+
+
   Scenario: Check if LLM responds to sent question with error when attempting to access conversation
     Given The system is in default state
      And I set the Authorization header to Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6Ikpva
@@ -138,3 +162,14 @@ Scenario: Check if LLM responds for query request with error for missing query
     }
     """
     Then The status code of the response is 200
+Scenario: Check if LLM responds with an error when no models are configured
+    Given The service is started locally
+    And REST API service prefix is /v1
+    Given The system is in default state
+    And I set the Authorization header to Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6Ikpva
+    When I use "query" to ask question with authorization header
+      """
+      {"query": "Write a simple code for reversing string"}
+      """
+    Then The status code of the response is 404
+    And The body of the response contains No models available
diff --git a/tests/unit/app/endpoints/test_authorized.py b/tests/unit/app/endpoints/test_authorized.py
@@ -55,12 +55,12 @@ async def test_authorized_dependency_unauthorized() -> None:
     headers_no_auth = Headers({})
     with pytest.raises(HTTPException) as exc_info:
         extract_user_token(headers_no_auth)
-    assert exc_info.value.status_code == 400
+    assert exc_info.value.status_code == 401
     assert exc_info.value.detail == "No Authorization header found"
 
     # Test case 2: Invalid Authorization header format (400 error from extract_user_token)
     headers_invalid_auth = Headers({"Authorization": "InvalidFormat"})
     with pytest.raises(HTTPException) as exc_info:
         extract_user_token(headers_invalid_auth)
-    assert exc_info.value.status_code == 400
+    assert exc_info.value.status_code == 401
     assert exc_info.value.detail == "No token found in Authorization header"
diff --git a/tests/unit/authentication/test_jwk_token.py b/tests/unit/authentication/test_jwk_token.py
@@ -302,7 +302,7 @@ async def test_no_bearer(
     with pytest.raises(HTTPException) as exc_info:
         await dependency(not_bearer_token_request)
 
-    assert exc_info.value.status_code == 400
+    assert exc_info.value.status_code == 401
     assert exc_info.value.detail == "No token found in Authorization header"
 
 
diff --git a/tests/unit/authentication/test_noop_with_token.py b/tests/unit/authentication/test_noop_with_token.py
@@ -81,7 +81,7 @@ async def test_noop_with_token_auth_dependency_no_token() -> None:
     with pytest.raises(HTTPException) as exc_info:
         await dependency(request)
 
-    assert exc_info.value.status_code == 400
+    assert exc_info.value.status_code == 401
     assert exc_info.value.detail == "No Authorization header found"
 
 
@@ -102,5 +102,5 @@ async def test_noop_with_token_auth_dependency_no_bearer() -> None:
     with pytest.raises(HTTPException) as exc_info:
         await dependency(request)
 
-    assert exc_info.value.status_code == 400
+    assert exc_info.value.status_code == 401
     assert exc_info.value.detail == "No token found in Authorization header"
diff --git a/tests/unit/authentication/test_utils.py b/tests/unit/authentication/test_utils.py
@@ -19,7 +19,7 @@ def test_extract_user_token_no_header() -> None:
     try:
         extract_user_token(headers)
     except HTTPException as exc:
-        assert exc.status_code == 400
+        assert exc.status_code == 401
         assert exc.detail == "No Authorization header found"
 
 
@@ -29,5 +29,5 @@ def test_extract_user_token_invalid_format() -> None:
     try:
         extract_user_token(headers)
     except HTTPException as exc:
-        assert exc.status_code == 400
+        assert exc.status_code == 401
         assert exc.detail == "No token found in Authorization header"

Original file line number	Diff line number	Diff line change
`@@ -78,6 +78,8 @@ def before_scenario(context: Context, scenario: Scenario) -> None:`
`78`	`78`	`context.scenario_config = (`
`79`	`79`	`"tests/e2e/configuration/lightspeed-stack-invalid-feedback-storage.yaml"`
`80`	`80`	`)`
	`81`	`+ if "no_models" in scenario.effective_tags:`
	`82`	`+ context.scenario_config = "tests/e2e/config/no-models-run.yaml"`
`81`	`83`
`82`	`84`
`83`	`85`	`def after_scenario(context: Context, scenario: Scenario) -> None:`