Skip to content

Commit

Permalink
Adjust status codes of webhook errors
Browse files Browse the repository at this point in the history
  • Loading branch information
hackerwins committed Oct 31, 2024
1 parent 1bdbe91 commit 13efe8f
Show file tree
Hide file tree
Showing 3 changed files with 11 additions and 9 deletions.
6 changes: 3 additions & 3 deletions server/rpc/auth/webhook.go
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,9 @@ import (
)

var (
// ErrUnauthenticated is returned when the authentication is failed.
ErrUnauthenticated = errors.New("unauthenticated")

// ErrPermissionDenied is returned when the given user is not allowed for the access.
ErrPermissionDenied = errors.New("method is not allowed for this user")

Expand All @@ -45,9 +48,6 @@ var (

// ErrWebhookTimeout is returned when the webhook does not respond in time.
ErrWebhookTimeout = errors.New("webhook timeout")

// ErrUnauthenticated is returned when the request lacks valid authentication credentials.
ErrUnauthenticated = errors.New("request lacks valid authentication credentials")
)

// verifyAccess verifies the given user is allowed to access the given method.
Expand Down
8 changes: 5 additions & 3 deletions server/rpc/connecthelper/status.go
Original file line number Diff line number Diff line change
Expand Up @@ -79,12 +79,14 @@ var errorToConnectCode = map[error]connect.Code{
converter.ErrUnsupportedCounterType: connect.CodeUnimplemented,

// Unauthenticated means the request does not have valid authentication
auth.ErrUnexpectedStatusCode: connect.CodeUnauthenticated,
auth.ErrUnexpectedResponse: connect.CodeUnauthenticated,
auth.ErrWebhookTimeout: connect.CodeUnauthenticated,
auth.ErrUnauthenticated: connect.CodeUnauthenticated,
database.ErrMismatchedPassword: connect.CodeUnauthenticated,

// Internal means an internal error occurred.
auth.ErrUnexpectedStatusCode: connect.CodeInternal,
auth.ErrUnexpectedResponse: connect.CodeInternal,
auth.ErrWebhookTimeout: connect.CodeInternal,

// PermissionDenied means the request does not have permission for the operation.
auth.ErrPermissionDenied: connect.CodePermissionDenied,

Expand Down
6 changes: 3 additions & 3 deletions test/integration/auth_webhook_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -287,7 +287,7 @@ func TestAuthWebhookErrorHandling(t *testing.T) {
assert.NoError(t, err)
defer func() { assert.NoError(t, cli.Close()) }()
err = cli.Activate(ctx)
assert.Equal(t, connect.CodeUnauthenticated, connect.CodeOf(err))
assert.Equal(t, connect.CodeInternal, connect.CodeOf(err))
assert.Equal(t, connecthelper.CodeOf(auth.ErrUnexpectedStatusCode), converter.ErrorCodeOf(err))
})

Expand Down Expand Up @@ -327,7 +327,7 @@ func TestAuthWebhookErrorHandling(t *testing.T) {
assert.NoError(t, err)
defer func() { assert.NoError(t, cli.Close()) }()
err = cli.Activate(ctx)
assert.Equal(t, connect.CodeUnauthenticated, connect.CodeOf(err))
assert.Equal(t, connect.CodeInternal, connect.CodeOf(err))
assert.Equal(t, connecthelper.CodeOf(auth.ErrUnexpectedResponse), converter.ErrorCodeOf(err))
})

Expand Down Expand Up @@ -356,7 +356,7 @@ func TestAuthWebhookErrorHandling(t *testing.T) {
defer func() { assert.NoError(t, cli.Close()) }()

err = cli.Activate(ctx)
assert.Equal(t, connect.CodeUnauthenticated, connect.CodeOf(err))
assert.Equal(t, connect.CodeInternal, connect.CodeOf(err))
assert.Equal(t, connecthelper.CodeOf(auth.ErrWebhookTimeout), converter.ErrorCodeOf(err))
})

Expand Down

0 comments on commit 13efe8f

Please sign in to comment.