From c34f8349e956dece4303c2a2401b7274b425be81 Mon Sep 17 00:00:00 2001
From: Sean Trantalis
Date: Wed, 13 Nov 2024 19:54:25 -0500
Subject: [PATCH] fix: cleanup left over status.Error in favor of connect.NewError
---
 service/health/health.go | 8 ++++----
 service/internal/auth/authn.go | 11 +++++------
 service/internal/auth/authn_test.go | 5 ++++-
 service/kas/access/publicKey.go | 4 +---
 .../wellknownconfiguration/wellknown_configuration.go | 5 ++---
 5 files changed, 16 insertions(+), 17 deletions(-)
diff --git a/service/health/health.go b/service/health/health.go
index 01489f3a7..d8123bdc5 100644
--- a/service/health/health.go
+++ b/service/health/health.go
@@ -2,14 +2,14 @@ package health
 import (
 "context"
+ "errors"
 "log/slog"
+ "connectrpc.com/connect"
 "connectrpc.com/grpchealth"
 "github.com/opentdf/platform/service/logger"
 "github.com/opentdf/platform/service/pkg/serviceregistry"
- "google.golang.org/grpc/codes"
 healthpb "google.golang.org/grpc/health/grpc_health_v1"
- "google.golang.org/grpc/status"
 )
 var serviceHealthChecks = make(map[string]func(context.Context) error)
@@ -75,12 +75,12 @@ func (s HealthService) Check(ctx context.Context, req *grpchealth.CheckRequest)
 }
 func (s HealthService) Watch(_ *healthpb.HealthCheckRequest, _ healthpb.Health_WatchServer) error {
- return status.Error(codes.Unimplemented, "unimplemented")
+ return connect.NewError(connect.CodeUnimplemented, errors.New("unimplemented"))
 }
 func RegisterReadinessCheck(namespace string, service func(context.Context) error) error {
 if _, ok := serviceHealthChecks[namespace]; ok {
- return status.Error(codes.AlreadyExists, "readiness check already registered")
+ return errors.New("readiness check already registered")
 }
 serviceHealthChecks[namespace] = service
diff --git a/service/internal/auth/authn.go b/service/internal/auth/authn.go
index 556ecdaa8..31f9991b3 100644
--- a/service/internal/auth/authn.go
+++ b/service/internal/auth/authn.go
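Review bot: In service/health/health.go, `Watch` keeps the grpc-go handler signature (`healthpb.Health_WatchServer`) but now returns a `*connect.Error`; if this method is still served through a grpc-go server, that error carries no gRPC status and the client would presumably see `Unknown` rather than `Unimplemented`, so confirm Watch is only reachable through connect or remove it. In the same hunk `RegisterReadinessCheck` now returns an anonymous `errors.New(...)`, which callers can match only by string; a package-level sentinel such as `var ErrReadinessCheckAlreadyRegistered = errors.New("readiness check already registered")` would let them use `errors.Is`. `RegisterReadinessCheck` continues past the end of the hunk.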
@@ -6,6 +6,7 @@ import (
 "crypto/sha256"
 "encoding/base64"
 "encoding/json"
+ "errors"
 "fmt"
 "log/slog"
 "net/http"
@@ -23,8 +24,6 @@ import (
 sdkAudit "github.com/opentdf/platform/sdk/audit"
 "github.com/opentdf/platform/service/logger"
- "google.golang.org/grpc/codes"
- "google.golang.org/grpc/status"
 )
 const (
@@ -279,7 +278,7 @@ func (a Authentication) ConnectUnaryServerInterceptor() connect.UnaryInterceptor
 header := req.Header()["Authorization"]
 if len(header) < 1 {
- return nil, status.Error(codes.Unauthenticated, "missing authorization header")
+ return nil, connect.NewError(connect.CodeUnauthenticated, errors.New("missing authorization header"))
 }
 // parse the rpc method
@@ -297,19 +296,19 @@ func (a Authentication) ConnectUnaryServerInterceptor() connect.UnaryInterceptor
 req.Header()["Dpop"],
 )
 if err != nil {
- return nil, status.Errorf(codes.Unauthenticated, "unauthenticated")
+ return nil, connect.NewError(connect.CodeUnauthenticated, errors.New("unauthenticated"))
 }
 // Check if the token is allowed to access the resource
 if allowed, err := a.enforcer.Enforce(token, resource, action); err != nil {
 if err.Error() == "permission denied" {
 a.logger.Warn("permission denied", slog.String("azp", token.Subject()), slog.String("error", err.Error()))
- return nil, status.Errorf(codes.PermissionDenied, "permission denied")
+ return nil, connect.NewError(connect.CodePermissionDenied, errors.New("permission denied"))
 }
 return nil, err
 } else if !allowed {
 a.logger.Warn("permission denied", slog.String("azp", token.Subject()))
- return nil, status.Errorf(codes.PermissionDenied, "permission denied")
+ return nil, connect.NewError(connect.CodePermissionDenied, errors.New("permission denied"))
 }
 return next(newCtx, req)
diff --git a/service/internal/auth/authn_test.go b/service/internal/auth/authn_test.go
index a7d5ed86a..841458cf7 100644
--- a/service/internal/auth/authn_test.go
+++ b/service/internal/auth/authn_test.go
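Review bot: In service/internal/auth/authn.go (hunk at -297), the enforcer fall-through `return nil, err` is the one error path this change leaves unwrapped; connect reports a non-connect error to the caller as `unknown` together with its message, so internal enforcer error text can reach the client. Log it server-side and return a fixed error instead, e.g. `a.logger.Error("enforcer error", slog.String("error", err.Error()))` followed by `return nil, connect.NewError(connect.CodeInternal, errors.New("authorization check failed"))`. The branch above it still selects on `err.Error() == "permission denied"`; a sentinel error compared with `errors.Is` would keep working if the enforcer wraps or rewords that error. The token-check failure earlier in the hunk drops `err` without a log line in the visible code, which leaves nothing to alert on for repeated bad tokens unless the token check logs internally. The interceptor body starts and ends outside the hunk.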
@@ -243,7 +243,10 @@ func (s *AuthSuite) Test_UnaryServerInterceptor_When_Authorization_Header_Missin
 })(context.Background(), req)
 s.Require().Error(err)
- s.Require().ErrorIs(err, status.Error(codes.Unauthenticated, "missing authorization header"))
+
+ connectErr := connect.NewError(connect.CodeUnauthenticated, errors.New("missing authorization header"))
+
+ s.Require().ErrorAs(err, &connectErr)
 }
 func (s *AuthSuite) Test_CheckToken_When_Authorization_Header_Invalid_Expect_Error() {
diff --git a/service/kas/access/publicKey.go b/service/kas/access/publicKey.go
index ca810c53c..080d12de5 100644
--- a/service/kas/access/publicKey.go
+++ b/service/kas/access/publicKey.go
@@ -11,8 +11,6 @@ import (
 "connectrpc.com/connect"
 kaspb "github.com/opentdf/platform/protocol/go/kas"
 "github.com/opentdf/platform/service/internal/security"
- "google.golang.org/grpc/codes"
- "google.golang.org/grpc/status"
 wrapperspb "google.golang.org/protobuf/types/known/wrapperspb"
 )
@@ -116,7 +114,7 @@ func (p Provider) PublicKey(ctx context.Context, req *connect.Request[kaspb.Publ
 return r(rsaPublicKeyPem, kid, err)
 }
 }
- return nil, status.Error(codes.NotFound, "invalid algorithm or format")
+ return nil, connect.NewError(connect.CodeNotFound, errors.New("invalid algorithm or format"))
 }
 func exportRsaPublicKeyAsPemStr(pubkey *rsa.PublicKey) (string, error) {
diff --git a/service/wellknownconfiguration/wellknown_configuration.go b/service/wellknownconfiguration/wellknown_configuration.go
index 88a096688..3aae42846 100644
--- a/service/wellknownconfiguration/wellknown_configuration.go
+++ b/service/wellknownconfiguration/wellknown_configuration.go
@@ -2,6 +2,7 @@ package wellknownconfiguration
 import (
 "context"
+ "errors"
 "fmt"
 "log/slog"
 "sync"
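Review bot: In service/internal/auth/authn_test.go, `s.Require().ErrorAs(err, &connectErr)` only proves that some `*connect.Error` is in the chain and then overwrites `connectErr` with it, so the code and message passed to `connect.NewError` two lines earlier are never compared. The test would still pass if the interceptor answered a missing header with `PermissionDenied` or `Internal`, which weakens the regression guard on an authentication path. Assert the code explicitly, e.g. `s.Require().Equal(connect.CodeUnauthenticated, connect.CodeOf(err))`, and keep the message check with `s.Require().ErrorContains(err, "missing authorization header")`. The test function starts above the hunk.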
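Review bot: In service/kas/access/publicKey.go, the final `return` keeps `CodeNotFound` for the message "invalid algorithm or format"; if this line is reached because the caller requested an unsupported algorithm or format, `connect.CodeInvalidArgument` describes the failure more accurately and leaves NotFound to mean a missing key. Switching the code changes what clients observe, so check existing callers first. `PublicKey` starts outside the hunk, so the paths that lead to this return are not visible here.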
@@ -11,8 +12,6 @@ import (
 "github.com/opentdf/platform/protocol/go/wellknownconfiguration/wellknownconfigurationconnect"
 "github.com/opentdf/platform/service/logger"
 "github.com/opentdf/platform/service/pkg/serviceregistry"
- "google.golang.org/grpc/codes"
- "google.golang.org/grpc/status"
 "google.golang.org/protobuf/types/known/structpb"
 )
@@ -56,7 +55,7 @@ func (s WellKnownService) GetWellKnownConfiguration(_ context.Context, _ *connec
 rwMutex.RUnlock()
 if err != nil {
 s.logger.Error("failed to create struct for wellknown configuration", slog.String("error", err.Error()))
- return nil, status.Error(codes.Internal, "failed to create struct for wellknown configuration")
+ return nil, connect.NewError(connect.CodeInternal, errors.New("failed to create struct for wellknown configuration"))
 }
 rsp := &wellknown.GetWellKnownConfigurationResponse{