From bb02c704e64204fb899c097a0b954c6d28908233 Mon Sep 17 00:00:00 2001 From: Youngteac Hong Date: Thu, 31 Oct 2024 16:17:44 +0900 Subject: [PATCH] Adjust status codes of webhook errors --- server/rpc/auth/webhook.go | 6 +++--- server/rpc/connecthelper/status.go | 8 +++++--- test/integration/auth_webhook_test.go | 6 +++--- 3 files changed, 11 insertions(+), 9 deletions(-) diff --git a/server/rpc/auth/webhook.go b/server/rpc/auth/webhook.go index a3b2ebd54..a58359397 100644 --- a/server/rpc/auth/webhook.go +++ b/server/rpc/auth/webhook.go @@ -34,6 +34,9 @@ import ( ) var ( + // ErrUnauthenticated is returned when the authentication is failed. + ErrUnauthenticated = errors.New("unauthenticated") + // ErrPermissionDenied is returned when the given user is not allowed for the access. ErrPermissionDenied = errors.New("method is not allowed for this user") @@ -45,9 +48,6 @@ var ( // ErrWebhookTimeout is returned when the webhook does not respond in time. ErrWebhookTimeout = errors.New("webhook timeout") - - // ErrUnauthenticated is returned when the request lacks valid authentication credentials. - ErrUnauthenticated = errors.New("request lacks valid authentication credentials") ) // verifyAccess verifies the given user is allowed to access the given method. diff --git a/server/rpc/connecthelper/status.go b/server/rpc/connecthelper/status.go index 1eef3306e..b56fd161c 100644 --- a/server/rpc/connecthelper/status.go +++ b/server/rpc/connecthelper/status.go @@ -79,12 +79,14 @@ var errorToConnectCode = map[error]connect.Code{ converter.ErrUnsupportedCounterType: connect.CodeUnimplemented, // Unauthenticated means the request does not have valid authentication - auth.ErrUnexpectedStatusCode: connect.CodeUnauthenticated, - auth.ErrUnexpectedResponse: connect.CodeUnauthenticated, - auth.ErrWebhookTimeout: connect.CodeUnauthenticated, auth.ErrUnauthenticated: connect.CodeUnauthenticated, database.ErrMismatchedPassword: connect.CodeUnauthenticated, + // Internal means an internal error occurred. + auth.ErrUnexpectedStatusCode: connect.CodeInternal, + auth.ErrUnexpectedResponse: connect.CodeInternal, + auth.ErrWebhookTimeout: connect.CodeInternal, + // PermissionDenied means the request does not have permission for the operation. auth.ErrPermissionDenied: connect.CodePermissionDenied, diff --git a/test/integration/auth_webhook_test.go b/test/integration/auth_webhook_test.go index 6126ee68a..f20c28604 100644 --- a/test/integration/auth_webhook_test.go +++ b/test/integration/auth_webhook_test.go @@ -287,7 +287,7 @@ func TestAuthWebhookErrorHandling(t *testing.T) { assert.NoError(t, err) defer func() { assert.NoError(t, cli.Close()) }() err = cli.Activate(ctx) - assert.Equal(t, connect.CodeUnauthenticated, connect.CodeOf(err)) + assert.Equal(t, connect.CodeInternal, connect.CodeOf(err)) assert.Equal(t, connecthelper.CodeOf(auth.ErrUnexpectedStatusCode), converter.ErrorCodeOf(err)) }) @@ -327,7 +327,7 @@ func TestAuthWebhookErrorHandling(t *testing.T) { assert.NoError(t, err) defer func() { assert.NoError(t, cli.Close()) }() err = cli.Activate(ctx) - assert.Equal(t, connect.CodeUnauthenticated, connect.CodeOf(err)) + assert.Equal(t, connect.CodeInternal, connect.CodeOf(err)) assert.Equal(t, connecthelper.CodeOf(auth.ErrUnexpectedResponse), converter.ErrorCodeOf(err)) }) @@ -356,7 +356,7 @@ func TestAuthWebhookErrorHandling(t *testing.T) { defer func() { assert.NoError(t, cli.Close()) }() err = cli.Activate(ctx) - assert.Equal(t, connect.CodeUnauthenticated, connect.CodeOf(err)) + assert.Equal(t, connect.CodeInternal, connect.CodeOf(err)) assert.Equal(t, connecthelper.CodeOf(auth.ErrWebhookTimeout), converter.ErrorCodeOf(err)) })