fix(crypt): align AX error handling and cleanup checks
Co-Authored-By: Virgil <virgil@lethean.io>
This commit is contained in:
Virgil
parent
12281f9e76
commit
e80ef94552
7 changed files with 35 additions and 15 deletions
16
auth/auth.go
16
auth/auth.go
|
|
@ -323,7 +323,9 @@ func (a *Authenticator) ValidateSession(token string) (*Session, error) {
|
|||
}
|
||||
|
||||
if time.Now().After(session.ExpiresAt) {
|
||||
_ = a.store.Delete(token)
|
||||
if err := a.store.Delete(token); err != nil {
|
||||
return nil, coreerr.E(op, "session expired", err)
|
||||
}
|
||||
return nil, coreerr.E(op, "session expired", nil)
|
||||
}
|
||||
|
||||
|
|
@ -340,7 +342,9 @@ func (a *Authenticator) RefreshSession(token string) (*Session, error) {
|
|||
}
|
||||
|
||||
if time.Now().After(session.ExpiresAt) {
|
||||
_ = a.store.Delete(token)
|
||||
if err := a.store.Delete(token); err != nil {
|
||||
return nil, coreerr.E(op, "session expired", err)
|
||||
}
|
||||
return nil, coreerr.E(op, "session expired", nil)
|
||||
}
|
||||
|
||||
|
|
@ -389,7 +393,9 @@ func (a *Authenticator) DeleteUser(userID string) error {
|
|||
}
|
||||
|
||||
// Revoke any active sessions for this user
|
||||
_ = a.store.DeleteByUser(userID)
|
||||
if err := a.store.DeleteByUser(userID); err != nil {
|
||||
return coreerr.E(op, "failed to delete user sessions", err)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
|
@ -565,7 +571,9 @@ func (a *Authenticator) RevokeKey(userID, password, reason string) error {
|
|||
}
|
||||
|
||||
// Invalidate all sessions
|
||||
_ = a.store.DeleteByUser(userID)
|
||||
if err := a.store.DeleteByUser(userID); err != nil {
|
||||
return coreerr.E(op, "failed to delete user sessions", err)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
|
|
|||
|
|
@ -49,7 +49,11 @@ func runTest(verbose, coverage, short bool, pkg, run string, race, jsonOutput bo
|
|||
|
||||
// Create command
|
||||
cmd := exec.Command("go", args...)
|
||||
cmd.Dir, _ = os.Getwd()
|
||||
cwd, err := os.Getwd()
|
||||
if err != nil {
|
||||
return coreerr.E("cmd.test", "failed to determine working directory", err)
|
||||
}
|
||||
cmd.Dir = cwd
|
||||
|
||||
// Set environment to suppress macOS linker warnings
|
||||
cmd.Env = append(os.Environ(), getMacOSDeploymentTarget())
|
||||
|
|
@ -76,7 +80,7 @@ func runTest(verbose, coverage, short bool, pkg, run string, race, jsonOutput bo
|
|||
cmd.Stderr = &stderr
|
||||
}
|
||||
|
||||
err := cmd.Run()
|
||||
err = cmd.Run()
|
||||
exitCode := 0
|
||||
if err != nil {
|
||||
if exitErr, ok := err.(*exec.ExitError); ok {
|
||||
|
|
|
|||
|
|
@ -2,9 +2,10 @@ package chachapoly
|
|||
|
||||
import (
|
||||
"crypto/rand"
|
||||
"errors"
|
||||
"testing"
|
||||
|
||||
coreerr "dappco.re/go/core/log"
|
||||
|
||||
"github.com/stretchr/testify/assert"
|
||||
)
|
||||
|
||||
|
|
@ -12,7 +13,7 @@ import (
|
|||
type mockReader struct{}
|
||||
|
||||
func (r *mockReader) Read(p []byte) (n int, err error) {
|
||||
return 0, errors.New("read error")
|
||||
return 0, coreerr.E("chachapoly.mockReader.Read", "read error", nil)
|
||||
}
|
||||
|
||||
func TestEncryptDecrypt(t *testing.T) {
|
||||
|
|
|
|||
|
|
@ -149,7 +149,9 @@ func (s *Service) DecryptPGP(privateKey, message, passphrase string, opts ...any
|
|||
return "", coreerr.E("openpgp.DecryptPGP", "failed to decrypt private key", err)
|
||||
}
|
||||
for _, subkey := range entity.Subkeys {
|
||||
_ = subkey.PrivateKey.Decrypt([]byte(passphrase))
|
||||
if err := subkey.PrivateKey.Decrypt([]byte(passphrase)); err != nil {
|
||||
return "", coreerr.E("openpgp.DecryptPGP", "failed to decrypt subkey", err)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -34,7 +34,9 @@ func CreateKeyPair(name, email, password string) (*KeyPair, error) {
|
|||
|
||||
// Sign all the identities
|
||||
for _, id := range entity.Identities {
|
||||
_ = id.SelfSignature.SignUserId(id.UserId.Id, entity.PrimaryKey, entity.PrivateKey, nil)
|
||||
if err := id.SelfSignature.SignUserId(id.UserId.Id, entity.PrimaryKey, entity.PrivateKey, nil); err != nil {
|
||||
return nil, coreerr.E(op, "failed to sign identity", err)
|
||||
}
|
||||
}
|
||||
|
||||
// Encrypt private key with password if provided
|
||||
|
|
@ -166,7 +168,9 @@ func Decrypt(data []byte, privateKeyArmor, password string) ([]byte, error) {
|
|||
}
|
||||
for _, subkey := range entity.Subkeys {
|
||||
if subkey.PrivateKey != nil && subkey.PrivateKey.Encrypted {
|
||||
_ = subkey.PrivateKey.Decrypt([]byte(password))
|
||||
if err := subkey.PrivateKey.Decrypt([]byte(password)); err != nil {
|
||||
return nil, coreerr.E(op, "failed to decrypt subkey", err)
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -6,9 +6,10 @@ import (
|
|||
"crypto/rand"
|
||||
"crypto/x509"
|
||||
"encoding/pem"
|
||||
"errors"
|
||||
"testing"
|
||||
|
||||
coreerr "dappco.re/go/core/log"
|
||||
|
||||
"github.com/stretchr/testify/assert"
|
||||
)
|
||||
|
||||
|
|
@ -16,7 +17,7 @@ import (
|
|||
type mockReader struct{}
|
||||
|
||||
func (r *mockReader) Read(p []byte) (n int, err error) {
|
||||
return 0, errors.New("read error")
|
||||
return 0, coreerr.E("rsa.mockReader.Read", "read error", nil)
|
||||
}
|
||||
|
||||
func TestRSA_Good(t *testing.T) {
|
||||
|
|
|
|||
|
|
@ -151,8 +151,8 @@ func (q *ApprovalQueue) Get(id string) *ApprovalRequest {
|
|||
return nil
|
||||
}
|
||||
// Return a copy to prevent mutation.
|
||||
copy := *req
|
||||
return ©
|
||||
snapshot := *req
|
||||
return &snapshot
|
||||
}
|
||||
|
||||
// Pending returns all requests with ApprovalPending status.
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue