jarno
/
hydroxide-push
1
0
Fork 0
Code Issues Pull Requests Wiki Activity

cmd/hydroxide: print errors

This commit is contained in:
emersion 2017-09-10 12:49:01 +02:00
parent d33218dc7c
commit 340cdc878d
No known key found for this signature in database
GPG Key ID: 0FDE7BE0E88F5E48
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
cmd/hydroxide/hydroxide.go
View File

@ -243,6 +243,7 @@ func main() {
username, password, ok := req.BasicAuth() username, password, ok := req.BasicAuth()
if !ok { if !ok {
resp.WriteHeader(http.StatusUnauthorized) resp.WriteHeader(http.StatusUnauthorized)
io.WriteString(resp, "Credentials are required")
return return
} }
@ -250,6 +251,7 @@ func main() {
passwordBytes, err := base64.StdEncoding.DecodeString(password) passwordBytes, err := base64.StdEncoding.DecodeString(password)
if err != nil || len(passwordBytes) != len(secretKey) { if err != nil || len(passwordBytes) != len(secretKey) {
resp.WriteHeader(http.StatusUnauthorized) resp.WriteHeader(http.StatusUnauthorized)
io.WriteString(resp, "Invalid password format")
return return
} }
copy(secretKey[:], passwordBytes) copy(secretKey[:], passwordBytes)
@ -260,6 +262,7 @@ func main() {
err := bcrypt.CompareHashAndPassword(s.hashedSecretKey, secretKey[:]) err := bcrypt.CompareHashAndPassword(s.hashedSecretKey, secretKey[:])
if err != nil { if err != nil {
resp.WriteHeader(http.StatusUnauthorized) resp.WriteHeader(http.StatusUnauthorized)
io.WriteString(resp, "Invalid username or password")
return return
} }
@ -268,24 +271,28 @@ func main() {
auths, err := readCachedAuths() auths, err := readCachedAuths()
if err != nil && !os.IsNotExist(err) { if err != nil && !os.IsNotExist(err) {
resp.WriteHeader(http.StatusInternalServerError) resp.WriteHeader(http.StatusInternalServerError)
log.Println("Cannot open cached auths")
return return
} }
encrypted, ok := auths[username] encrypted, ok := auths[username]
if !ok { if !ok {
resp.WriteHeader(http.StatusUnauthorized) resp.WriteHeader(http.StatusUnauthorized)
io.WriteString(resp, "Invalid username or password")
return return
} }
decrypted, err := decrypt(encrypted, &secretKey) decrypted, err := decrypt(encrypted, &secretKey)
if err != nil { if err != nil {
resp.WriteHeader(http.StatusUnauthorized) resp.WriteHeader(http.StatusUnauthorized)
io.WriteString(resp, "Invalid username or password")
return return
} }
var cachedAuth cachedAuth var cachedAuth cachedAuth
if err := json.Unmarshal(decrypted, &cachedAuth); err != nil { if err := json.Unmarshal(decrypted, &cachedAuth); err != nil {
resp.WriteHeader(http.StatusInternalServerError) resp.WriteHeader(http.StatusInternalServerError)
log.Printf("Cannot unmarshal cached auth for %q: %v", username, err)
return return
} }
@ -293,17 +300,20 @@ func main() {
c := newClient() c := newClient()
if err := authenticate(c, &cachedAuth); err != nil { if err := authenticate(c, &cachedAuth); err != nil {
resp.WriteHeader(http.StatusInternalServerError) resp.WriteHeader(http.StatusInternalServerError)
log.Printf("Cannot authenticate %q: %v", username, err)
return return
} }
if err := encryptAndSaveAuth(&cachedAuth, username, &secretKey); err != nil { if err := encryptAndSaveAuth(&cachedAuth, username, &secretKey); err != nil {
resp.WriteHeader(http.StatusInternalServerError) resp.WriteHeader(http.StatusInternalServerError)
log.Printf("Cannot save auth for %q: %v", username, err)
return return
} }
hashed, err := bcrypt.GenerateFromPassword(secretKey[:], bcrypt.DefaultCost) hashed, err := bcrypt.GenerateFromPassword(secretKey[:], bcrypt.DefaultCost)
if err != nil { if err != nil {
resp.WriteHeader(http.StatusInternalServerError) resp.WriteHeader(http.StatusInternalServerError)
log.Printf("Cannot hash password for %q: %v", username, err)
return return
} }