Skip to content

Commit

Permalink
Fix error handling in some cases (#527)
Browse files Browse the repository at this point in the history
  • Loading branch information
@p53
p53 authored Dec 12, 2024
1 parent 163655c commit 3ba6ade
Show file tree
Hide file tree
Showing 10 changed files with 23 additions and 22 deletions.
1 change: 0 additions & 1 deletion .golangci.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,6 @@ linters:
- wrapcheck
- gosec
- gocritic
- errorlint
- gci
- gofumpt
- nlreturn
Expand Down
2 changes: 1 addition & 1 deletion pkg/encryption/rotation.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -74,7 +74,7 @@ func (c *CertificationRotation) Watch() error {
// add the files to the watch list
for _, x := range []string{c.certificateFile, c.privateKeyFile} {
if err := watcher.Add(path.Dir(x)); err != nil {
return fmt.Errorf("unable to add watch on directory: %s, error: %s", path.Dir(x), err)
return fmt.Errorf("unable to add watch on directory: %s, error: %w", path.Dir(x), err)
}
}

Expand Down
4 changes: 2 additions & 2 deletions pkg/google/config/config.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -595,7 +595,7 @@ func (r *Config) isUpstreamValid() error {

if !r.NoProxy {
if _, err := url.ParseRequestURI(r.Upstream); err != nil {
return fmt.Errorf("the upstream endpoint is invalid, %s", err)
return fmt.Errorf("the upstream endpoint is invalid, %w", err)
}
}

Expand Down Expand Up @@ -719,7 +719,7 @@ func (r *Config) isSecureCookieValid() error {
func (r *Config) isStoreURLValid() error {
if r.StoreURL != "" {
if _, err := url.ParseRequestURI(r.StoreURL); err != nil {
return fmt.Errorf("the store url is invalid, error: %s", err)
return fmt.Errorf("the store url is invalid, error: %w", err)
}
}

Expand Down
6 changes: 3 additions & 3 deletions pkg/keycloak/config/config.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -506,7 +506,7 @@ func (r *Config) isTLSMinValid() error {
func (r *Config) isUpstreamProxyValid() error {
if r.UpstreamProxy != "" {
if _, err := url.ParseRequestURI(r.UpstreamProxy); err != nil {
return fmt.Errorf("the upstream proxy is invalid, %s", err)
return fmt.Errorf("the upstream proxy is invalid, %w", err)
}
}
return nil
Expand Down Expand Up @@ -613,7 +613,7 @@ func (r *Config) isUpstreamValid() error {

if !r.NoProxy {
if _, err := url.ParseRequestURI(r.Upstream); err != nil {
return fmt.Errorf("the upstream endpoint is invalid, %s", err)
return fmt.Errorf("the upstream endpoint is invalid, %w", err)
}
}

Expand Down Expand Up @@ -717,7 +717,7 @@ func (r *Config) isSecureCookieValid() error {
func (r *Config) isStoreURLValid() error {
if r.StoreURL != "" {
if _, err := redis.ParseURL(r.StoreURL); err != nil {
return fmt.Errorf("the store url is invalid, error: %s", err)
return fmt.Errorf("the store url is invalid, error: %w", err)
}
}

Expand Down
15 changes: 8 additions & 7 deletions pkg/keycloak/proxy/middleware.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@ package proxy
import (
"bytes"
"context"
"errors"
"fmt"
"io"
"net/http"
Expand Down Expand Up @@ -202,18 +203,18 @@ func authorizationMiddleware(
}
}

switch err {
case apperrors.ErrPermissionNotInToken:
switch true {
case errors.Is(err, apperrors.ErrPermissionNotInToken):
scope.Logger.Info(apperrors.ErrPermissionNotInToken.Error())
case apperrors.ErrResourceRetrieve:
case errors.Is(err, apperrors.ErrResourceRetrieve):
scope.Logger.Info(apperrors.ErrResourceRetrieve.Error())
case apperrors.ErrNoIDPResourceForPath:
case errors.Is(err, apperrors.ErrNoIDPResourceForPath):
scope.Logger.Info(apperrors.ErrNoIDPResourceForPath.Error())
case apperrors.ErrResourceIDNotPresent:
case errors.Is(err, apperrors.ErrResourceIDNotPresent):
scope.Logger.Info(apperrors.ErrResourceIDNotPresent.Error())
case apperrors.ErrTokenScopeNotMatchResourceScope:
case errors.Is(err, apperrors.ErrTokenScopeNotMatchResourceScope):
scope.Logger.Info(apperrors.ErrTokenScopeNotMatchResourceScope.Error())
case apperrors.ErrNoAuthzFound:
case errors.Is(err, apperrors.ErrNoAuthzFound):
default:
if err != nil {
scope.Logger.Error(apperrors.ErrFailedAuthzRequest.Error(), zap.Error(err))
Expand Down
4 changes: 2 additions & 2 deletions pkg/keycloak/proxy/misc.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -258,8 +258,8 @@ func getRPT(
)
if err != nil {
return nil, fmt.Errorf(
"%s %s",
apperrors.ErrNoIDPResourceForPath.Error(),
"%w %w",
apperrors.ErrNoIDPResourceForPath,
err,
)
}
Expand Down
2 changes: 1 addition & 1 deletion pkg/keycloak/proxy/server.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -841,7 +841,7 @@ func (r *OauthProxy) createForwardingProxy() error {
cAuthority, err := encryption.LoadCA(r.Config.TLSCaCertificate, r.Config.TLSCaPrivateKey)

if err != nil {
return fmt.Errorf("unable to load certificate authority, error: %s", err)
return fmt.Errorf("unable to load certificate authority, error: %w", err)
}

// implement the goproxy connect method
Expand Down
2 changes: 1 addition & 1 deletion pkg/proxy/cli.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -278,7 +278,7 @@ func parseCLIOptions(cliCtx *cli.Context, config core.Configs) error {
for _, x := range cliCtx.StringSlice("resources") {
resource, err := authorization.NewResource().Parse(x)
if err != nil {
return fmt.Errorf("invalid resource %s, %s", x, err)
return fmt.Errorf("invalid resource %s, %w", x, err)
}
config.SetResources(append(config.GetResources(), resource))
}
Expand Down
4 changes: 2 additions & 2 deletions pkg/proxy/middleware/oauth.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -184,8 +184,8 @@ func AuthenticationMiddleware(

newAccToken, newRawAccToken, newRefreshToken, accessExpiresAt, refreshExpiresIn, err := utils.GetRefreshedToken(ctx, conf, httpClient, refresh)
if err != nil {
switch err {
case apperrors.ErrRefreshTokenExpired:
switch true {
case errors.Is(err, apperrors.ErrRefreshTokenExpired):
lLog.Warn("refresh token has expired, cannot retrieve access token")
cookMgr.ClearAllCookies(req.WithContext(ctx), wrt)
default:
Expand Down
5 changes: 3 additions & 2 deletions pkg/proxy/session/token.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ import (
"bytes"
"context"
"encoding/base64"
"errors"
"fmt"
"net/http"
"net/url"
Expand Down Expand Up @@ -49,14 +50,14 @@ func GetTokenInRequest(

if tokenHeader == "" && !skipAuthorizationHeaderIdentity {
token, err = GetTokenInBearer(req)
if err != nil && err != apperrors.ErrSessionNotFound {
if err != nil && !errors.Is(err, apperrors.ErrSessionNotFound) {
return "", false, err
}
}

if tokenHeader != "" {
token, err = GetTokenInHeader(req, tokenHeader)
if err != nil && err != apperrors.ErrSessionNotFound {
if err != nil && !errors.Is(err, apperrors.ErrSessionNotFound) {
return "", false, err
}
}
Expand Down

0 comments on commit 3ba6ade

Please sign in to comment.