From f3987ecf2434791527dfb353b2fefcbdde7a5d3e Mon Sep 17 00:00:00 2001 From: Jillian Inapurapu Date: Wed, 29 Nov 2023 12:18:47 -0800 Subject: [PATCH] Removed detailed errors --- restapi/errors.go | 2 +- restapi/user_login.go | 14 +++++++------- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/restapi/errors.go b/restapi/errors.go index 062354a20d..fa34346ce2 100644 --- a/restapi/errors.go +++ b/restapi/errors.go @@ -30,7 +30,6 @@ import ( var ( ErrDefault = errors.New("an error occurred, please try again") ErrInvalidLogin = errors.New("invalid Login") - ErrUnauthorized = errors.New("401 Unauthorized - please check logs") ErrForbidden = errors.New("403 Forbidden") ErrBadRequest = errors.New("400 Bad Request") ErrFileTooLarge = errors.New("413 File too Large") @@ -54,6 +53,7 @@ var ( ErrAvoidSelfAccountDelete = errors.New("logged in user cannot be deleted by itself") ErrAccessDenied = errors.New("access denied") ErrOauth2Provider = errors.New("unable to contact configured identity provider") + ErrOauth2Login = errors.New("unable to login using configured identity provider") ErrNonUniqueAccessKey = errors.New("access key already in use") ErrRemoteTierExists = errors.New("specified remote tier already exists") ErrRemoteTierNotFound = errors.New("specified remote tier was not found") diff --git a/restapi/user_login.go b/restapi/user_login.go index bfb580c441..0f61577ee5 100644 --- a/restapi/user_login.go +++ b/restapi/user_login.go @@ -148,7 +148,7 @@ func getLoginResponse(params authApi.LoginParams) (*models.LoginResponse, *Coded // prepare console credentials consoleCreds, err = getConsoleCredentials(lr.AccessKey, lr.SecretKey, clientIP) if err != nil { - return nil, ErrorWithContext(ctx, err, ErrInvalidLogin) + return nil, ErrorWithContext(ctx, ErrInvalidLogin) } } @@ -158,7 +158,7 @@ func getLoginResponse(params authApi.LoginParams) (*models.LoginResponse, *Coded } sessionID, err := login(consoleCreds, sf) if err != nil { - return nil, ErrorWithContext(ctx, ErrUnauthorized, ErrInvalidLogin) + return nil, ErrorWithContext(ctx, ErrInvalidLogin) } // serialize output loginResponse := &models.LoginResponse{ @@ -236,8 +236,8 @@ func getLoginDetailsResponse(params authApi.LoginDetailParams, openIDProviders o func verifyUserAgainstIDP(ctx context.Context, provider auth.IdentityProviderI, code, state string) (*credentials.Credentials, error) { userCredentials, err := provider.VerifyIdentity(ctx, code, state) if err != nil { - LogError("error validating user identity against idp: %v", err) - return nil, err + LogError("error validating user identity against idp") + return nil, ErrInvalidLogin } return userCredentials, nil } @@ -271,7 +271,7 @@ func getLoginOauth2AuthResponse(params authApi.LoginOauth2AuthParams, openIDProv oauth2Client, err := openIDProviders.NewOauth2ProviderClient(IDPName, nil, r, GetConsoleHTTPClient("", getClientIP(params.HTTPRequest)), GetConsoleHTTPClient(getMinIOServer(), getClientIP(params.HTTPRequest))) if err != nil { - return nil, ErrorWithContext(ctx, err) + return nil, ErrorWithContext(ctx, ErrOauth2Provider) } // initialize new identity provider @@ -283,7 +283,7 @@ func getLoginOauth2AuthResponse(params authApi.LoginOauth2AuthParams, openIDProv // Validate user against IDP userCredentials, err := verifyUserAgainstIDP(ctx, identityProvider, *lr.Code, state) if err != nil { - return nil, ErrorWithContext(ctx, err) + return nil, ErrorWithContext(ctx, ErrOauth2Login) } // initialize admin client // login user against console and generate session token @@ -292,7 +292,7 @@ func getLoginOauth2AuthResponse(params authApi.LoginOauth2AuthParams, openIDProv AccountAccessKey: "", }, nil) if err != nil { - return nil, ErrorWithContext(ctx, err) + return nil, ErrorWithContext(ctx, ErrOauth2Login) } // serialize output loginResponse := &models.LoginResponse{