5882156f53
* Initial implemntation of returning 529 for rate limits - bump aws iam and sts packages to v1.14.31 to get mocking interface - promote the iam and sts clients to the aws backend struct, for mocking in tests - this also promotes some functions to methods on the Backend struct, so that we can use the injected client Generating creds requires reading config/root for credentials to contact IAM. Here we make pathConfigRoot a method on aws/backend so we can clear the clients on successful update of config/root path. Adds a mutex to safely clear the clients * refactor locking and unlocking into methods on *backend * refactor/simply the locking * check client after grabbing lock
91 lines
2.1 KiB
Go
91 lines
2.1 KiB
Go
package logical
|
|
|
|
import "errors"
|
|
|
|
var (
|
|
// ErrUnsupportedOperation is returned if the operation is not supported
|
|
// by the logical backend.
|
|
ErrUnsupportedOperation = errors.New("unsupported operation")
|
|
|
|
// ErrUnsupportedPath is returned if the path is not supported
|
|
// by the logical backend.
|
|
ErrUnsupportedPath = errors.New("unsupported path")
|
|
|
|
// ErrInvalidRequest is returned if the request is invalid
|
|
ErrInvalidRequest = errors.New("invalid request")
|
|
|
|
// ErrPermissionDenied is returned if the client is not authorized
|
|
ErrPermissionDenied = errors.New("permission denied")
|
|
|
|
// ErrMultiAuthzPending is returned if the the request needs more
|
|
// authorizations
|
|
ErrMultiAuthzPending = errors.New("request needs further approval")
|
|
|
|
// ErrUpstreamRateLimited is returned when Vault receives a rate limited
|
|
// response from an upstream
|
|
ErrUpstreamRateLimited = errors.New("upstream rate limited")
|
|
)
|
|
|
|
type HTTPCodedError interface {
|
|
Error() string
|
|
Code() int
|
|
}
|
|
|
|
func CodedError(status int, msg string) HTTPCodedError {
|
|
return &codedError{
|
|
Status: status,
|
|
Message: msg,
|
|
}
|
|
}
|
|
|
|
var _ HTTPCodedError = (*codedError)(nil)
|
|
|
|
type codedError struct {
|
|
Status int
|
|
Message string
|
|
}
|
|
|
|
func (e *codedError) Error() string {
|
|
return e.Message
|
|
}
|
|
|
|
func (e *codedError) Code() int {
|
|
return e.Status
|
|
}
|
|
|
|
// Struct to identify user input errors. This is helpful in responding the
|
|
// appropriate status codes to clients from the HTTP endpoints.
|
|
type StatusBadRequest struct {
|
|
Err string
|
|
}
|
|
|
|
// Implementing error interface
|
|
func (s *StatusBadRequest) Error() string {
|
|
return s.Err
|
|
}
|
|
|
|
// This is a new type declared to not cause potential compatibility problems if
|
|
// the logic around the CodedError changes; in particular for logical request
|
|
// paths it is basically ignored, and changing that behavior might cause
|
|
// unforseen issues.
|
|
type ReplicationCodedError struct {
|
|
Msg string
|
|
Code int
|
|
}
|
|
|
|
func (r *ReplicationCodedError) Error() string {
|
|
return r.Msg
|
|
}
|
|
|
|
type KeyNotFoundError struct {
|
|
Err error
|
|
}
|
|
|
|
func (e *KeyNotFoundError) WrappedErrors() []error {
|
|
return []error{e.Err}
|
|
}
|
|
|
|
func (e *KeyNotFoundError) Error() string {
|
|
return e.Err.Error()
|
|
}
|