diff --git a/internal/metaerrors/metaerrors_test.go b/internal/metaerrors/metaerrors_test.go index 948d92aa4..70a3c286c 100644 --- a/internal/metaerrors/metaerrors_test.go +++ b/internal/metaerrors/metaerrors_test.go @@ -31,10 +31,6 @@ func TestMetaError(t *testing.T) { err := errors.New("error message") metaErr := metaerrors.New(err, map[string]string{"key": "value"}) assert.Equal(t, "error message [key=value]", metaErr.Error()) - - err = errors.New("error message") - metaErr = metaerrors.New(err, map[string]string{"key1": "value1", "key2": "value2"}) - assert.Equal(t, "error message [key1=value1,key2=value2]", metaErr.Error()) }) t.Run("test meta error without metadata", func(t *testing.T) { diff --git a/server/rpc/auth/webhook.go b/server/rpc/auth/webhook.go index a3b2ebd54..a58359397 100644 --- a/server/rpc/auth/webhook.go +++ b/server/rpc/auth/webhook.go @@ -34,6 +34,9 @@ import ( ) var ( + // ErrUnauthenticated is returned when the authentication is failed. + ErrUnauthenticated = errors.New("unauthenticated") + // ErrPermissionDenied is returned when the given user is not allowed for the access. ErrPermissionDenied = errors.New("method is not allowed for this user") @@ -45,9 +48,6 @@ var ( // ErrWebhookTimeout is returned when the webhook does not respond in time. ErrWebhookTimeout = errors.New("webhook timeout") - - // ErrUnauthenticated is returned when the request lacks valid authentication credentials. - ErrUnauthenticated = errors.New("request lacks valid authentication credentials") ) // verifyAccess verifies the given user is allowed to access the given method. diff --git a/server/rpc/connecthelper/status.go b/server/rpc/connecthelper/status.go index 1eef3306e..b56fd161c 100644 --- a/server/rpc/connecthelper/status.go +++ b/server/rpc/connecthelper/status.go @@ -79,12 +79,14 @@ var errorToConnectCode = map[error]connect.Code{ converter.ErrUnsupportedCounterType: connect.CodeUnimplemented, // Unauthenticated means the request does not have valid authentication - auth.ErrUnexpectedStatusCode: connect.CodeUnauthenticated, - auth.ErrUnexpectedResponse: connect.CodeUnauthenticated, - auth.ErrWebhookTimeout: connect.CodeUnauthenticated, auth.ErrUnauthenticated: connect.CodeUnauthenticated, database.ErrMismatchedPassword: connect.CodeUnauthenticated, + // Internal means an internal error occurred. + auth.ErrUnexpectedStatusCode: connect.CodeInternal, + auth.ErrUnexpectedResponse: connect.CodeInternal, + auth.ErrWebhookTimeout: connect.CodeInternal, + // PermissionDenied means the request does not have permission for the operation. auth.ErrPermissionDenied: connect.CodePermissionDenied, diff --git a/test/integration/auth_webhook_test.go b/test/integration/auth_webhook_test.go index 6126ee68a..f20c28604 100644 --- a/test/integration/auth_webhook_test.go +++ b/test/integration/auth_webhook_test.go @@ -287,7 +287,7 @@ func TestAuthWebhookErrorHandling(t *testing.T) { assert.NoError(t, err) defer func() { assert.NoError(t, cli.Close()) }() err = cli.Activate(ctx) - assert.Equal(t, connect.CodeUnauthenticated, connect.CodeOf(err)) + assert.Equal(t, connect.CodeInternal, connect.CodeOf(err)) assert.Equal(t, connecthelper.CodeOf(auth.ErrUnexpectedStatusCode), converter.ErrorCodeOf(err)) }) @@ -327,7 +327,7 @@ func TestAuthWebhookErrorHandling(t *testing.T) { assert.NoError(t, err) defer func() { assert.NoError(t, cli.Close()) }() err = cli.Activate(ctx) - assert.Equal(t, connect.CodeUnauthenticated, connect.CodeOf(err)) + assert.Equal(t, connect.CodeInternal, connect.CodeOf(err)) assert.Equal(t, connecthelper.CodeOf(auth.ErrUnexpectedResponse), converter.ErrorCodeOf(err)) }) @@ -356,7 +356,7 @@ func TestAuthWebhookErrorHandling(t *testing.T) { defer func() { assert.NoError(t, cli.Close()) }() err = cli.Activate(ctx) - assert.Equal(t, connect.CodeUnauthenticated, connect.CodeOf(err)) + assert.Equal(t, connect.CodeInternal, connect.CodeOf(err)) assert.Equal(t, connecthelper.CodeOf(auth.ErrWebhookTimeout), converter.ErrorCodeOf(err)) })