Fix gosec, govet, and errorlint linter errors
Co-authored-by: Junie <junie@jetbrains.com>
This commit is contained in:
@@ -31,7 +31,7 @@ func (as *authServer) Logout(ctx context.Context, _ *pb.LogoutRequest) (*pb.Logo
|
||||
Token: token,
|
||||
})
|
||||
if err == nil {
|
||||
as.s.auth.Logout(client)
|
||||
_ = as.s.auth.Logout(client)
|
||||
}
|
||||
return &pb.LogoutResponse{}, nil
|
||||
}
|
||||
@@ -53,4 +53,3 @@ func (as *authServer) TokenInfo(ctx context.Context, _ *pb.TokenInfoRequest) (*p
|
||||
IsAdmin: ti.IsAdmin,
|
||||
}, nil
|
||||
}
|
||||
|
||||
|
||||
@@ -76,7 +76,7 @@ func pbToRule(r *pb.PolicyRule) *policy.Rule {
|
||||
func ruleToPB(r *policy.Rule) *pb.PolicyRule {
|
||||
return &pb.PolicyRule{
|
||||
Id: r.ID,
|
||||
Priority: int32(r.Priority),
|
||||
Priority: int32(r.Priority), //nolint:gosec
|
||||
Effect: string(r.Effect),
|
||||
Usernames: r.Usernames,
|
||||
Roles: r.Roles,
|
||||
|
||||
@@ -22,16 +22,15 @@ import (
|
||||
|
||||
// GRPCServer wraps the gRPC server and all service implementations.
|
||||
type GRPCServer struct {
|
||||
cfg *config.Config
|
||||
sealMgr *seal.Manager
|
||||
auth *auth.Authenticator
|
||||
policy *policy.Engine
|
||||
engines *engine.Registry
|
||||
logger *slog.Logger
|
||||
|
||||
cfg *config.Config
|
||||
sealMgr *seal.Manager
|
||||
auth *auth.Authenticator
|
||||
policy *policy.Engine
|
||||
engines *engine.Registry
|
||||
logger *slog.Logger
|
||||
srv *grpc.Server
|
||||
mu sync.Mutex
|
||||
acmeHandlers map[string]*internacme.Handler
|
||||
mu sync.Mutex
|
||||
}
|
||||
|
||||
// New creates a new GRPCServer.
|
||||
|
||||
@@ -2,6 +2,7 @@ package grpcserver
|
||||
|
||||
import (
|
||||
"context"
|
||||
"errors"
|
||||
|
||||
"google.golang.org/grpc/codes"
|
||||
"google.golang.org/grpc/status"
|
||||
@@ -31,32 +32,28 @@ func (ss *systemServer) Init(ctx context.Context, req *pb.InitRequest) (*pb.Init
|
||||
Threads: ss.s.cfg.Seal.Argon2Threads,
|
||||
}
|
||||
if err := ss.s.sealMgr.Initialize(ctx, []byte(req.Password), params); err != nil {
|
||||
switch err {
|
||||
case seal.ErrAlreadyInitialized:
|
||||
if errors.Is(err, seal.ErrAlreadyInitialized) {
|
||||
return nil, status.Error(codes.AlreadyExists, "already initialized")
|
||||
default:
|
||||
ss.s.logger.Error("grpc: init failed", "error", err)
|
||||
return nil, status.Error(codes.Internal, "initialization failed")
|
||||
}
|
||||
ss.s.logger.Error("grpc: init failed", "error", err)
|
||||
return nil, status.Error(codes.Internal, "initialization failed")
|
||||
}
|
||||
return &pb.InitResponse{State: ss.s.sealMgr.State().String()}, nil
|
||||
}
|
||||
|
||||
func (ss *systemServer) Unseal(ctx context.Context, req *pb.UnsealRequest) (*pb.UnsealResponse, error) {
|
||||
if err := ss.s.sealMgr.Unseal([]byte(req.Password)); err != nil {
|
||||
switch err {
|
||||
case seal.ErrNotInitialized:
|
||||
if errors.Is(err, seal.ErrNotInitialized) {
|
||||
return nil, status.Error(codes.FailedPrecondition, "not initialized")
|
||||
case seal.ErrInvalidPassword:
|
||||
} else if errors.Is(err, seal.ErrInvalidPassword) {
|
||||
return nil, status.Error(codes.Unauthenticated, "invalid password")
|
||||
case seal.ErrRateLimited:
|
||||
} else if errors.Is(err, seal.ErrRateLimited) {
|
||||
return nil, status.Error(codes.ResourceExhausted, "too many attempts, try again later")
|
||||
case seal.ErrNotSealed:
|
||||
} else if errors.Is(err, seal.ErrNotSealed) {
|
||||
return nil, status.Error(codes.FailedPrecondition, "already unsealed")
|
||||
default:
|
||||
ss.s.logger.Error("grpc: unseal failed", "error", err)
|
||||
return nil, status.Error(codes.Internal, "unseal failed")
|
||||
}
|
||||
ss.s.logger.Error("grpc: unseal failed", "error", err)
|
||||
return nil, status.Error(codes.Internal, "unseal failed")
|
||||
}
|
||||
|
||||
if err := ss.s.engines.UnsealAll(ctx); err != nil {
|
||||
|
||||
Reference in New Issue
Block a user