From 5c5df23a57fcb5f57a1621ed5e4a5a07eac133ba Mon Sep 17 00:00:00 2001 From: Eric Chiang Date: Mon, 11 Apr 2016 16:31:50 -0700 Subject: [PATCH] db: print better error messages for invalid input When client secrets are not base64 encoded, print an error message that's not a generic base64 decode error: client secrets must be base64 decodable. See issue #337. Please consider replaceing "secret" with "c2VjcmV0" When a user file is missing a mandatory field print an error message. Unable to build Server: user elroy-foo is missing email field For #400 --- db/client.go | 6 +++++- db/user.go | 6 ++++++ 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/db/client.go b/db/client.go index 62187034..a0f54846 100644 --- a/db/client.go +++ b/db/client.go @@ -100,9 +100,13 @@ func NewClientIdentityRepoFromClients(dbm *gorp.DbMap, clients []oidc.ClientIden defer tx.Rollback() exec := repo.executor(tx) for _, c := range clients { + if c.Credentials.Secret == "" { + return nil, fmt.Errorf("client %q has no secret", c.Credentials.ID) + } dec, err := base64.URLEncoding.DecodeString(c.Credentials.Secret) if err != nil { - return nil, err + return nil, fmt.Errorf("client secrets must be base64 decodable. See issue #337. Please consider replacing %q with %q", + c.Credentials.Secret, base64.URLEncoding.EncodeToString([]byte(c.Credentials.Secret))) } cm, err := newClientIdentityModel(c.Credentials.ID, dec, &c.Metadata) if err != nil { diff --git a/db/user.go b/db/user.go index 8ac04c83..00991668 100644 --- a/db/user.go +++ b/db/user.go @@ -451,6 +451,12 @@ func (u *userModel) user() (user.User, error) { } func newUserModel(u *user.User) (*userModel, error) { + if u.ID == "" { + return nil, fmt.Errorf("user is missing ID field") + } + if u.Email == "" { + return nil, fmt.Errorf("user %s is missing email field", u.ID) + } um := userModel{ ID: u.ID, DisplayName: u.DisplayName,