fork of indigo with slightly nicer lexgen

use atproto JSON error responses

Changed files
+26 -8
atproto
auth
+26 -8
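--- a/atproto/auth/http.go
+++ b/atproto/auth/http.go
@@ -3,6 +3,8 @@
 import (
 "context"
 "crypto/subtle"
+"encoding/json"
+"fmt"
 "net/http"
 "strings"
 
@@ -26,8 +28,12 @@
 }
 }
 w.Header().Set("WWW-Authenticate", `Basic realm="admin", charset="UTF-8"`)
-// TODO: XRPC error body?
-http.Error(w, "Unauthorized", http.StatusUnauthorized)
+w.Header().Set("Content-Type", "application/json")
+w.WriteHeader(http.StatusUnauthorized)
+json.NewEncoder(w).Encode(map[string]string{
+"error": "Unauthorized",
+"message": "atproto admin auth required, but missing or incorrect password",
+})
 }
 }
 
@@ -40,9 +46,13 @@
 if hdr := r.Header.Get("Authorization"); hdr != "" {
 parts := strings.Split(hdr, " ")
 if parts[0] != "Bearer" || len(parts) != 2 {
-// TODO: XRPC error body?
 w.Header().Set("WWW-Authenticate", "Bearer")
-http.Error(w, "Unauthorized", http.StatusUnauthorized)
+w.Header().Set("Content-Type", "application/json")
+w.WriteHeader(http.StatusUnauthorized)
+json.NewEncoder(w).Encode(map[string]string{
+"error": "Unauthorized",
+"message": "atproto service auth required, but missing or incorrect formatting",
+})
 return
 }
 
@@ -59,8 +69,12 @@
 did, err := v.Validate(r.Context(), parts[1], lxm)
 if err != nil {
 w.Header().Set("WWW-Authenticate", "Bearer")
-http.Error(w, "Unauthorized", http.StatusUnauthorized)
-// TODO: XRPC error body?
+w.Header().Set("Content-Type", "application/json")
+w.WriteHeader(http.StatusUnauthorized)
+json.NewEncoder(w).Encode(map[string]string{
+"error": "Unauthorized",
+"message": fmt.Sprintf("invalid service auth: %s", err),
+})
 return
 }
 ctx := context.WithValue(r.Context(), "did", did)
@@ -69,9 +83,13 @@
 }
 
 if mandatory {
-// TODO: XRPC error body?
 w.Header().Set("WWW-Authenticate", "Bearer")
-http.Error(w, "Unauthorized", http.StatusUnauthorized)
+w.Header().Set("Content-Type", "application/json")
+w.WriteHeader(http.StatusUnauthorized)
+json.NewEncoder(w).Encode(map[string]string{
+"error": "Unauthorized",
+"message": "atproto service auth required",
+})
 return
 }
 handler(w, r)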
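Review bot: The 401 body in the `v.Validate` failure branch returns the raw validator error to an unauthenticated caller through `"message": fmt.Sprintf("invalid service auth: %s", err)`. What Validate wraps is not visible here, but if the error carries DID-resolution, key-lookup or upstream network detail, that text exposes internal state and lets a caller tell failure causes apart. Consider logging `err` server-side and responding with a fixed `"message": "invalid service auth"`, or mapping only known-safe validation errors to client-facing text. The same header-plus-`json.NewEncoder(w).Encode(...)` sequence is now repeated in four branches with the Encode error dropped; a small unexported helper taking the message would keep the branches consistent. The enclosing middleware functions begin and end outside the hunks shown.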