Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type StandardError ¶
type StandardError string
StandardError is a standard error.
const ( ErrAccessListRuleConfig StandardError = "acl rule configuration error: %v: %v" ErrAccessListRuleConditionConfig StandardError = "acl rule condition configuration error: %v: %v" ErrAccessListNoRules StandardError = "acl has no rules" ErrACLRuleConditionSyntaxMatchNotFound StandardError = "invalid condition syntax, matcher not found: %v" ErrACLRuleConditionSyntaxMatchFieldNotFound StandardError = "invalid condition syntax, matcher field not found: %v" ErrACLRuleConditionSyntaxMatchValueNotFound StandardError = "invalid condition syntax, matcher values not found: %v" ErrACLRuleConditionSyntaxCondDataType StandardError = "invalid condition syntax, matcher condition data type unsupported: %v" ErrACLRuleConditionSyntaxUnsupported StandardError = "invalid condition syntax, failed creating rule condition: %v" ErrACLRuleConditionSyntaxStrategyNotFound StandardError = "invalid condition syntax, matcher strategy not found: %v" ErrACLRuleConditionSyntaxReservedWordUsage StandardError = "invalid condition syntax, found reserved keyword %q: %v" ErrACLRuleSyntaxExtractCondToken StandardError = "invalid rule syntax, failed to extract condition tokens: %v" ErrACLRuleSyntaxDuplicateField StandardError = "invalid rule syntax, duplicate field: %s" ErrACLRuleSyntaxExtractActionToken StandardError = "invalid rule syntax, failed to extract action tokens: %v" ErrACLRuleSyntaxAllowPreceed StandardError = "invalid rule syntax, %q must preceed stop/counter/log directives" ErrACLRuleSyntaxTagFollowedByValue StandardError = "invalid rule syntax, %q tag must be followed by value" ErrACLRuleSyntaxInvalidToken StandardError = "invalid rule syntax, invalid %q token" ErrACLRuleSyntaxCondNotFound StandardError = "invalid rule syntax, no match conditions found" ErrACLRuleSyntaxTypeUnsupported StandardError = "invalid rule syntax, type %q is unsupported" ErrACLRuleSyntaxLoggerNotFound StandardError = "invalid rule syntax, no logger found for log enabled rule: %s" ErrACLRuleSyntax StandardError = "invalid rule syntax: %v" )
ACL Errors
const ( ErrAPIKeyPayloadEmpty StandardError = "api key payload is empty" ErrAPIKeyUsageEmpty StandardError = "api key usage type is empty" ErrAPIKeyCommentEmpty StandardError = "api key comment is empty" ErrAPIKeyUsageUnsupported StandardError = "api key usage type %q is unsupported" ErrLookupAPIKeyPayloadEmpty StandardError = "api key payload is empty" ErrLookupAPIKeyFailed StandardError = "api key lookup failed" ErrLookupAPIKeyMalformedPayload StandardError = "api key payload is malformed" )
API key errors.
const ( ErrStaticAssetAddFailed StandardError = "failed adding custom static asset %s (%s) from %s for %s portal: %v" ErrUserInterfaceThemeNotFound StandardError = "user interface validation for %s portal failed: %s theme not found" ErrUserInterfaceBuiltinTemplateAddFailed StandardError = "user interface validation for %s portal failed for built-in template %s in %s theme: %v" ErrUserInterfaceCustomTemplateAddFailed StandardError = "user interface validation for %s portal failed for custom template %s in %s: %v" ErrCryptoKeyStoreConfig StandardError = "crypto key store configuration for %q instance failed: %v" ErrGeneric StandardError = "%s: %v" ErrAuthorizationFailed StandardError = "user authorization failed: %s, reason: %v" )
Portal errors.
const ( ErrAuthProxyConfigInvalid StandardError = "invalid authproxy config: %v" ErrBasicAuthFailed StandardError = "basic authentication via authproxy failed" ErrAPIKeyAuthFailed StandardError = "api key authentication via authproxy failed" )
Auth Proxy Errors
const ( ErrCacheEmptyToken StandardError = "cache: user token is empty" ErrCacheNilUser StandardError = "cache: user is nil" )
Cache Errors
const ( ErrValidateArgTooFew StandardError = "too few arguments for %q directive (config: %d, min: %d)" ErrValidateArgTooMany StandardError = "too many args for %q directive (config: %d, max: %d)" )
Config parsing errors.
const ( ErrEmptyACLAction StandardError = "empty access list action" ErrEmptyACLClaim StandardError = "empty access list claim" ErrEmptyMethod StandardError = "empty http method" ErrEmptyPath StandardError = "empty http path" ErrEmptyClaim StandardError = "empty claim value" ErrEmptyValue StandardError = "empty value" ErrNoValues StandardError = "no acl.Values" ErrUnsupportedACLAction StandardError = "unsupported access list action: %s" ErrUnsupportedClaim StandardError = "access list does not support %s claim, only audiences, roles, scopes" ErrUnsupportedMethod StandardError = "unsupported http method: %s" ErrKeyIDNotFound StandardError = "key ID not found" ErrUnsupportedKeyType StandardError = "unsupported key type %T for key ID %s" ErrRSAKeysNotFound StandardError = "no RSA keys found" ErrECDSAKeysNotFound StandardError = "no ECDSA keys found" ErrPrivateKeysNotFound StandardError = "no private keys found" ErrUnknownConfigSource StandardError = "sig key config source is not found" ErrReadPEMFile StandardError = "(source: %s): read PEM file: %v" ErrWalkDir StandardError = "walking directory: %v" ErrProvisonFailed StandardError = "authorization provider provisioning error" ErrEmptyProviderName StandardError = "authorization provider name is empty" ErrNoMemberReference StandardError = "no member reference found" ErrTooManyPrimaryInstances StandardError = "found more than one primaryInstance instance of the plugin for %s context" ErrUndefinedSecret StandardError = "%s: token keys and secrets must be defined either via environment variables or via token_ configuration element" ErrInvalidConfiguration StandardError = "%s: configuration error: %v" ErrTokenAlreadyConfigured StandardError = "token already configured" ErrLoadCryptoKeyConfig StandardError = "%s: failed loading token in %s context: %v" ErrUnsupportedSignatureMethod StandardError = "%s: unsupported token sign/verify method: %s" ErrUnsupportedTokenSource StandardError = "%s: unsupported token source: %s" ErrInvalidBackendConfiguration StandardError = "%s: token validator configuration error: %s" ErrUnknownProvider StandardError = "authorization provider %s not found" ErrInvalidProvider StandardError = "authorization provider %s is nil" ErrNoPrimaryInstanceProvider StandardError = "no primaryInstance authorization provider found in %s context when configuring %s" ErrNoCryptoKeysFound StandardError = "no crypto keys found in %s context" ErrLoadingKeys StandardError = "loading %s keys: %v" ErrInvalidClaimExpiresAt StandardError = "invalid exp type: %T" ErrInvalidClaimIssuedAt StandardError = "invalid iat type: %T" ErrInvalidClaimNotBefore StandardError = "invalid nbf type: %T" ErrInvalidSigningMethod StandardError = "unsupported signing method" ErrEmptySecret StandardError = "empty secrets are not supported" ErrInvalidAudience StandardError = "invalid audience type %T in audience" ErrInvalidAudienceType StandardError = "invalid audience type %T" ErrInvalidRole StandardError = "invalid role type %T in roles" ErrInvalidRoleType StandardError = "invalid roles type %T" ErrInvalidScope StandardError = "invalid scope type %T in scopes" ErrInvalidScopeType StandardError = "invalid scopes type %T" ErrInvalidOrg StandardError = "invalid org type %T in orgs" ErrInvalidOrgType StandardError = "invalid orgs type %T" ErrInvalidAppMetadataRoleType StandardError = "invalid roles type %T in app_metadata-authorization" ErrInvalidAddrType StandardError = "invalid ip address type %T in addr" ErrInvalidAccessListPath StandardError = "invalid acl path type %T in paths" ErrInvalidIDClaimType StandardError = "invalid jti claim value type %T" ErrInvalidIssuerClaimType StandardError = "invalid iss claim value type %T" ErrInvalidSubjectClaimType StandardError = "invalid sub claim value type %T" ErrInvalidEmailClaimType StandardError = "invalid %s claim value type %T" ErrInvalidNameClaimType StandardError = "invalid name claim value type %T" ErrInvalidOriginClaimType StandardError = "invalid origin claim value type %T" ErrInvalidPictureClaimType StandardError = "invalid picture claim value type %T" ErrInvalidMetadataClaimType StandardError = "invalid metadata claim value type %T" ErrSigningOptionsNotFound StandardError = "signing options not found" ErrSigningMethodNotFound StandardError = "signing method not found" ErrPrivateSigningKeyNotFound StandardError = "private key for signing not found" ErrNoBackends StandardError = "no token backends available" ErrExpiredToken StandardError = "expired token" ErrNoAccessList StandardError = "user role is valid, but denied by default deny on empty access list" ErrAccessNotAllowed StandardError = "user role is valid, but not allowed by access list" ErrAccessNotAllowedByPathACL StandardError = "user role is valid, but not allowed by path access list" ErrSourceAddressNotFound StandardError = "source ip validation is enabled, but no ip address claim found" ErrSourceAddressMismatch StandardError = "source ip address mismatch between the claim %q and request %q" ErrNoParsedClaims StandardError = "failed to extract claims" ErrNoTokenFound StandardError = "no token found" ErrInvalidParsedClaims StandardError = "failed to extract claims: %s" ErrInvalidSecret StandardError = "secret key backend error: %s" ErrInvalid StandardError = "%v" ErrMixedAlgorithms StandardError = "mixed key algorithms found in %s: %v" ErrFoundDuplicateKeyID StandardError = "duplicate kid %s for %s keys found in %s" ErrMixedConfigKeyType StandardError = "failed adding key to %s config, key type %s" ErrUnsupportedConfigKeyType StandardError = "unsupported key type in token config: %T" ErrNotECDSAPrivatePEMEncodedKey StandardError = "the key is not ECDSA private PEM-encoded key: %s" ErrNotPEMEncodedKey StandardError = "the key is not PEM-encoded key" ErrNotECDSAPrivateKey StandardError = "the key is not ECDSA private key" ErrNotECDSAPublicKey StandardError = "the key is not ECDSA public key" ErrNotECDSAPublicKeyType StandardError = "the key is not ECDSA public key: %T" ErrEmptyCryptoKeyConfigOrigin StandardError = "empty token config origin" ErrUnsupportedCryptoKeyConfigOrigin StandardError = "unsupported token config origin: %s" ErrPrimaryRegistrationFailed StandardError = "primary instance registration for %s context failed" ErrRegistrationTimeout StandardError = "non-primary instance registration in %s context timed out" ErrAuthorizerFailed StandardError = "authorizer %s in %s context failed" ErrContextNotFound StandardError = "authorizer %s in %s context not found" ErrContextFailed StandardError = "authorizer %s in failed %s context" ErrPrimaryInstanceNotFound StandardError = "authorizer %s has not primary instance in %s context" ErrPrimaryInstanceNotInitialized StandardError = "authorizer %s has uninitialized primary instance in %s context" ErrPrimaryInstanceFailed StandardError = "authorizer %s has failed primary instance in %s context" ErrInstanceValidatationTimeout StandardError = "authorizer %s in %s context failed to due to timeout" ErrMultipleSigningKeys StandardError = "multiple signing keys found" ErrSigningKeyNotFound StandardError = "signing key not found for %v" ErrSigningKeyNil StandardError = "signing key is nil" ErrSigningKeyTooShort StandardError = "signing key is too short" ErrDataSigningFailed StandardError = "data signing failed for %v: %v" ErrGetSignedTokenEmpty StandardError = "token signing failed for %v: empty signed token" ErrSigningKeyMethodPrivateKeyConflict StandardError = "token signing failed: method and private key conflict %s vs. %s" ErrParsePrivateRSAKey StandardError = "failed to parse private RSA key: %v" ErrParsePrivateECDSAKey StandardError = "failed to parse private ECDSA key: %v" ErrParsePublicRSAKey StandardError = "failed to parse public RSA key: %v" ErrParsePublicECDSAKey StandardError = "failed to parse public ECDSA key: %v" ErrECDSAPrivateKeyCurveNotSupported StandardError = "the private ECDSA key has unsupported curve: %s" ErrUnsupportedECDSACurve StandardError = "found unsupported ECDSA curve: %s" ErrEmptyECDSACurve StandardError = "found empty ECDSA curve" ErrNoECDSACurveParamsFound StandardError = "no ECDSA curve parameters found" ErrParseEnvVar StandardError = "failed to parse environment variable %s: %v" ErrEncryptionKeysNotFound StandardError = "encryption keys not found" ErrKeyOverwriteFailed StandardError = "failed to overwrite used key id %s" ErrKeyNil StandardError = "key is nil" ErrCryptoKeyConfigNil StandardError = "token configuration is nil" ErrFailed StandardError = "encountered error: %v" // InstanceManager errors. ErrInstanceManagerValidate StandardError = "instance %q validation failed: %v" ErrInvalidLoginHint StandardError = "login_hint query parameter is not in a valid format" ErrInvalidAdditionalScopes StandardError = "additional_scopes query parameter is not in a valid format" )
Generic Errors
const ( ErrSecurityConfig StandardError = "security config error: %v" ErrMalformedDirective StandardError = "malformed %q directive: %v" ErrMalformedDirectiveValue StandardError = "malformed %q directive with %v: %v" ErrConfigDirectiveShort StandardError = "the %q directive is too short: %v" ErrConfigDirectiveValueUnsupported StandardError = "the %q directive value of %q is unsupported" ErrConfigDirectiveFail StandardError = "the %q directive with value of %q failed: %v" ErrPortalConfigBackendsNotFound StandardError = "portal config has no identity providers or stores" ErrPortalConfigNameNotFound StandardError = "portal config name not found" ErrPolicyConfigNameNotFound StandardError = "gatekeeper policy config name not found" )
Global security config errors.
const ( ErrCredAddConfigType StandardError = "credential config %T is unsupported" ErrCredKeyValueEmpty StandardError = "credential config %q key is empty" )
Credentials Errors
const ( ErrNewDatabase StandardError = "failed initializing database at %q: %v" ErrNewDatabaseInvalidUser StandardError = "failed initializing database: found invalid user %v, %v" ErrNewDatabaseDuplicateUser StandardError = "failed initializing database: found duplicate user %s %v" ErrNewDatabaseDuplicateUserID StandardError = "failed initializing database: found duplicate user id %s %v" ErrNewDatabaseDuplicateEmail StandardError = "failed initializing database: found duplicate email address %s, %v" ErrNewDatabaseDuplicateAPIKey StandardError = "failed initializing database: found duplicate api key %s, %v" ErrDatabaseCommit StandardError = "failed database commit to %q: %v" ErrDatabaseOperation StandardError = "database operation failed: %v" ErrDatabaseInvalidUser StandardError = "username and email point to a different identity in the database" ErrDatabaseUserNotFound StandardError = "user not found" // ErrDatabaseInvalidUserPassword StandardError = "invalid password" ErrAuthFailed StandardError = "user authentication failed: %v" ErrAddPublicKey StandardError = "failed adding %s public key: %v" ErrDeletePublicKey StandardError = "failed deleting %q key: %v" ErrGetPublicKeys StandardError = "failed getting %q keys: %v" ErrAddAPIKey StandardError = "failed adding %s key: %v" ErrDeleteAPIKey StandardError = "failed deleting %q key: %v" ErrGetAPIKeys StandardError = "failed getting %q keys: %v" ErrChangeUserPassword StandardError = "failed change user password: %v" ErrUpdateUserPassword StandardError = "failed updating user password: %v" ErrUserPasswordNotFound StandardError = "user password not set" ErrUserPasswordInvalid StandardError = "user password is invalid" ErrUserPolicyCompliance StandardError = "username policy compliance check failed" ErrPasswordPolicyCompliance StandardError = "user password policy compliance check failed" ErrAddUser StandardError = "failed adding user %q: %v" ErrDeleteUser StandardError = "failed deleting user %q: %v" ErrGetUsers StandardError = "failed retrieving users: %v" ErrGetUser StandardError = "failed retrieving user %q: %v" ErrPasswordEmpty StandardError = "empty password" ErrPasswordEmptyAlgorithm StandardError = "empty password hash algorithm" ErrPasswordGenerate StandardError = "password generation error: %v" ErrPasswordUnsupportedAlgorithm StandardError = "unsupported password hash algorithm: %v" ErrPasswordHashed StandardError = "failed handling hashed password: %v" ErrUserIDInvalidLength StandardError = "invalid user id length: %d" ErrUsernameEmpty StandardError = "username is empty" ErrEmailAddressInvalid StandardError = "invalid email address" ErrRoleEmpty StandardError = "role name is empty" ErrParseNameFailed StandardError = "failed to parse name: %s" ErrCreditCardUnsupportedIssuer StandardError = "unsupported credit card issuer: %v" ErrCreditCardUnsupportedAssociation StandardError = "unsupported credit card association: %v" )
Database errors.
const ( ErrNewGatekeeperLoggerNil StandardError = "failed initializing gatekeeper: logger is nil" ErrNewGatekeeperConfigNil StandardError = "failed initializing gatekeeper: config is nil" ErrNewGatekeeper StandardError = "failed initializing gatekeeper: %v" ErrGatekeeperRegistryEntryNotFound StandardError = "gatekeeper %q not found in registry" ErrGatekeeperRegistryEntryExists StandardError = "gatekeeper %q already registered" )
Gatekeeper errors.
const ( ErrTokenGrantorNoSigningKeysFound StandardError = "token grantor: signing keys not found" ErrTokenGrantorUnsupportedAlgo StandardError = "token grantor: unsupported algo: %s" ErrTokenGrantorNoClaimsFound StandardError = "token grantor: claims not provided" ErrTokenGrantorKeyNoSigningCapability StandardError = "token grantor: key has no signing capability" ErrTokenGrantorKeyTokenNameNotSet StandardError = "token grantor: key has no token name set" ErrTokenGrantorKeyMaxLifetimeNotSet StandardError = "token grantor: key has no max token lifetime set" )
Token Grantor Errors
const ( ErrIdentityProviderConfigInvalid StandardError = "invalid identity provider config: %v" // Generic Errors. ErrIdentityProviderRequest StandardError = "%s failed: %v" // Config Errors. ErrIdentityProviderConfigureEmptyConfig StandardError = "identity provider configuration is empty" ErrIdentityProviderConfigureLoggerNotFound StandardError = "identity provider configuration has no logger" ErrIdentityProviderConfigureNameEmpty StandardError = "identity provider configuration has empty name" ErrIdentityProviderConfigureRealmEmpty StandardError = "identity provider configuration has empty realm" ErrIdentityProviderNewConfig StandardError = "identity provider config %v error: %v" ErrIdentityProviderConfig StandardError = "identity provider config error: %v" // OAuth Errors. ErrIdentityProviderOauthAuthorizationStateNotFound StandardError = "OAuth 2.0 authorization state not found" ErrIdentityProviderOauthAuthorizationFailedDetailed StandardError = "failed OAuth 2.0 authorization flow, error: %s, description: %s" ErrIdentityProviderOauthAuthorizationFailed StandardError = "failed OAuth 2.0 authorization flow, error: %s" ErrIdentityProviderOauthFetchAccessTokenFailed StandardError = "failed fetching OAuth 2.0 access token: %s" ErrIdentityProviderOauthFetchClaimsFailed StandardError = "failed fetching OAuth 2.0 claims: %s" ErrIdentityProviderOauthFetchUserInfoFailed StandardError = "failed fetching OAuth 2.0 user info: %v" ErrIdentityProviderOauthFetchUserGroupsFailed StandardError = "failed fetching OAuth 2.0 user groups: %v" ErrIdentityProviderOauthValidateAccessTokenFailed StandardError = "failed validating OAuth 2.0 access token: %s" ErrIdentityProviderOauthResponseProcessingFailed StandardError = "unable to process OAuth 2.0 response" ErrIdentityProviderOauthGetAccessTokenFailedDetailed StandardError = "failed obtaining OAuth 2.0 access token, error: %v, description: %q" ErrIdentityProviderOauthKeyFetchFailed StandardError = "failed to fetch jwt keys for OAuth 2.0 authorization server: %s" ErrIdentityProviderOauthMetadataFieldNotFound StandardError = "metadata %s field not found for provider %s" ErrIdentityProviderOauthJwksResponseKeysNotFound StandardError = "jwks response has no keys field" ErrIdentityProviderOauthJwksKeysParseFailed StandardError = "failed to compile jwks keys into JSON: %v" ErrIdentityProviderOauthJwksKeysNotFound StandardError = "no jwks keys found" ErrIdentityProviderOauthJwksKeysTooManyAttempts StandardError = "too many attemps to fetch jwks keys" ErrIdentityProviderOauthJwksInvalidKey StandardError = "invalid jwks key: %v" ErrIdentityProviderOAuthAccessTokenNotFound StandardError = "OAuth 2.0 %s not found" ErrIdentityProviderOAuthAccessTokenSignMethodNotSupported StandardError = "OAuth 2.0 %s signed with unsupported algorithm: %v" ErrIdentityProviderOAuthAccessTokenKeyIDNotFound StandardError = "OAuth 2.0 kid not found in %s" ErrIdentityProviderOAuthAccessTokenKeyIDNotRegistered StandardError = "OAuth 2.0 %s has unregisted key id %v" ErrIdentityProviderOAuthParseToken StandardError = "OAuth 2.0 failed to parse %s: %v" ErrIdentityProviderOAuthInvalidToken StandardError = "OAuth 2.0 %s is invalid: %v" ErrIdentityProviderOAuthNonceValidationFailed StandardError = "OAuth 2.0 %s nonce claim validation failed: %v" ErrIdentityProviderOAuthEmailNotFound StandardError = "OAuth 2.0 %s email claim not found" ErrIdentityProviderOauthMetadataFetchFailed StandardError = "failed to fetch metadata for OAuth 2.0 authorization server: %s" ErrIdentityProviderOauthGetAccessTokenFailed StandardError = "failed obtaining OAuth 2.0 access token, error: %v" ErrIdentityProviderAuthorizationServerResponseFieldNotFound StandardError = "authorization server response has no %q field" )
Identity Provider Errors
const ( ErrIdentityStoreConfigInvalid StandardError = "invalid identity store config: %v" // Local identity store errors. ErrIdentityStoreLocalConfigurePathEmpty StandardError = "identity store configuration has empty database path" ErrIdentityStoreLocalConfigurePathMismatch StandardError = "identity store configuration database path does not match to an existing path in the same realm: %v %v" // LDAP identity store errors. ErrIdentityStoreLdapAuthenticateInvalidUserEmail StandardError = "LDAP authentication request contains invalid user email" ErrIdentityStoreLdapAuthenticateInvalidUsername StandardError = "LDAP authentication request contains invalid username" ErrIdentityStoreLdapAuthenticateInvalidPassword StandardError = "LDAP authentication request contains invalid password" ErrIdentityStoreLdapAuthFailed StandardError = "LDAP authentication failed: %v" // Generic Errors. ErrIdentityStoreRequest StandardError = "%s failed: %v" // Config Errors. ErrIdentityStoreConfigureEmptyConfig StandardError = "identity store configuration is empty" ErrIdentityStoreConfigureLoggerNotFound StandardError = "identity store configuration has no logger" ErrIdentityStoreInvalidProvider StandardError = "identity store configuration has invalid provider: %s" ErrIdentityStoreConfigureNameEmpty StandardError = "identity store configuration has empty name" ErrIdentityStoreConfigureRealmEmpty StandardError = "identity store configuration has empty realm" ErrIdentityStoreNewConfig StandardError = "identity store config %v error: %v" ErrIdentityStoreNewConfigInvalidAuthMethod StandardError = "identity store config %v has invalid auth method" ErrIdentityStoreConfigureInvalidBaseURL StandardError = "identity store config %q has invalid base auth url %q: %v" // Authentication Errors. ErrIdentityStoreLocalAuthFailed StandardError = "local backed authentication failed: %v" )
Identity Store Errors
const ( ErrJwksKeyIDEmpty StandardError = "jwks key id is empty" ErrJwksKeyAlgoUnsupported StandardError = "jwks unsupported key algorithm %s for %s" ErrJwksKeyTypeEmpty StandardError = "jwks key type is empty for %s" ErrJwksKeyTypeUnsupported StandardError = "jwks unsupported key type %s for %s" ErrJwksKeyUsageEmpty StandardError = "jwks key usage is empty for %s" ErrJwksKeyUsageUnsupported StandardError = "jwks unsupported key usage %s for %s" ErrJwksKeyExponentEmpty StandardError = "jwks key exponent is empty for %s" ErrJwksKeyModulusEmpty StandardError = "jwks key modulus is empty for %s" ErrJwksKeyDecodeModulus StandardError = "jwks failed to decode key %q modulus %q: %v" ErrJwksKeyDecodeExponent StandardError = "jwks failed to decode key %q exponent: %v" ErrJwksKeyConvExponent StandardError = "jwks failed to decode key %q exponent: %v" ErrJwksKeyCurveEmpty StandardError = "jwks key curve is empty for %s" ErrJwksKeyCurveUnsupported StandardError = "jwks unsupported key curve %s for %s" ErrJwksKeyCurveCoordNotFound StandardError = "jwks key %q curve has no x/y coordinates" ErrJwksKeyCoordLength StandardError = "jwks key %q curve %s coordinate is %d bytes in length, exp: %d bytes" ErrJwksKeyDecodeCoord StandardError = "jwks failed to decode key %q curve %s coordinate: %v" ErrJwksKeyTypeNotImplemented StandardError = "jwks key %q type %q processing not implemented: %v" )
JWKS Errors
const ( // CryptoKeyConfig ErrCryptoKeyConfigNewInvalidArgs StandardError = "kms: invalid token config arguments: %v" ErrCryptoKeyConfigNewArgTypeInvalid StandardError = "kms: invalid token config argument type: %T" ErrCryptoKeyConfigNewFailedUnmarshal StandardError = "kms: failed unmarshal token config: %v" ErrCryptoKeyConfigNewEmptyArg StandardError = "kms: emtpy token config arguments" ErrCryptoKeyConfigReadFile StandardError = "kms: failed to open file %q referenced in token config: %v" ErrCryptoKeyConfigFileNotSupported StandardError = "kms: file %q is not supported due to extension type" ErrCryptoKeyConfigFileKeyNotFound StandardError = "kms: file %q has no keys" ErrCryptoKeyConfigUnsupportedPrivateKeyAlgo StandardError = "unsupported private key algo %T" ErrCryptoKeyConfigUnsupportedPublicKeyAlgo StandardError = "unsupported public key algo %T" ErrCryptoKeyConfigEmptyEnvVar StandardError = "environment variable %s has empty value" ErrCryptoKeyConfigEntryInvalid StandardError = "key config entry %q is invalid: %v" ErrCryptoKeyConfigNoConfigFound StandardError = "no key configs found" ErrCryptoKeyConfigKeyInvalid StandardError = "key config %d is invalid: %v" // KeyManager ErrKeyManagerAddKeyNil StandardError = "kms: failed adding nil key to key manager" ErrKeyManagerCryptoKeyConfigInvalidType StandardError = "kms: failed key manager with invalid token config type: %T" // Keystore ErrKeystoreAddKeyNil StandardError = "keystore: failed adding nil key to keystore" ErrCryptoKeyStoreAddKeyNil StandardError = "keystore: failed adding nil key to keystore" ErrCryptoKeyStoreParseTokenFailed StandardError = "keystore: failed to parse token" ErrCryptoKeyStoreTokenData StandardError = "keystore: failed creating user from a parsed token" ErrCryptoKeyStoreParseTokenExpired StandardError = "keystore: parsed token has expired" ErrCryptoKeyStoreSignTokenFailed StandardError = "keystore: failed to sign token" ErrCryptoKeyStoreNoVerifyKeysFound StandardError = "keystore: no verification keys found" ErrCryptoKeyStoreNoSignKeysFound StandardError = "keystore: no signing keys found" ErrCryptoKeyStoreAutoGenerateNotAvailable StandardError = "auto-generate not available when keystore is not empty" ErrCryptoKeyStoreAutoGenerateFailed StandardError = "failed to auto-generate keystore keypair: %v" ErrCryptoKeyStoreAutoGenerateAlgo StandardError = "auto-generate does not support %q algorithm" // Signing ErrUnsupportedSigningMethod StandardError = "kms: grantor does not support %s token signing method" ErrUnexpectedSigningMethod StandardError = "signing method mismatch: %v (expected) vs. %v (received)" )
Key Management System Errors
const ( ErrMessagingAddProviderConfigType StandardError = "messaging provider config %T is unsupported" ErrMessagingProviderKeyValueEmpty StandardError = "messaging provider config %q key is empty" ErrMessagingProviderInvalidTemplate StandardError = "messaging provider config contains unsupported %q template" ErrMessagingProviderProtocolUnsupported StandardError = "messaging provider config %q protocol unsupported" ErrMessagingProviderCredentialsWithPasswordless StandardError = "messaging provider config is both passwordless and has credentials" ErrMessagingProviderAuthUnsupported StandardError = "messaging provider does not support AUTH extension" ErrMessagingProviderSend StandardError = "messaging provider send error: %v" ErrMessagingProviderDir StandardError = "messaging provider file dir error: %v" )
Messaging Errors
const ( ErrAddMfaToken StandardError = "failed adding MFA token: %v" ErrDeleteMfaToken StandardError = "failed deleting MFA token %q: %v" ErrGetMfaTokens StandardError = "failed getting MFA tokens: %v" ErrDuplicateMfaTokenSecret StandardError = "duplicate MFA token secret" ErrDuplicateMfaTokenComment StandardError = "duplicate MFA token comment" ErrMfaTokenEmptyAlgorithm StandardError = "empty MFA token algorithm" ErrMfaTokenTypeEmpty StandardError = "empty MFA token type" ErrMfaTokenInvalidType StandardError = "invalid MFA token type: %s" ErrMfaTokenInvalidAlgorithm StandardError = "invalid MFA token algorithm: %s" ErrMfaTokenInvalidPeriod StandardError = "invalid MFA token period: %d" ErrMfaTokenInvalidDigits StandardError = "invalid MFA token digits: %d" ErrMfaTokenInvalidPasscode StandardError = "invalid MFA token passcode: %v" ErrWebAuthnRegisterNotFound StandardError = "webauthn register not found" ErrWebAuthnChallengeNotFound StandardError = "webauthn challenge not found" ErrWebAuthnParse StandardError = "failed parsing webauthn request: %v" ErrWebAuthnEmptyRegisterID StandardError = "webauthn register id is empty" ErrWebAuthnEmptyRegisterKeyType StandardError = "webauthn register key type is empty" ErrWebAuthnInvalidRegisterKeyType StandardError = "invalid webauthn register key type: %v" ErrWebAuthnEmptyRegisterTransport StandardError = "webauthn register key transport is empty" ErrWebAuthnInvalidRegisterTransport StandardError = "invalid webauthn register key transport: %v" ErrWebAuthnRegisterAttestationObjectNotFound StandardError = "webauthn register attestation object not found" ErrWebAuthnRegisterAuthDataNotFound StandardError = "webauthn register attestation object auth data not found" ErrWebAuthnRegisterCredentialDataNotFound StandardError = "webauthn register attestation object auth data credential not found" ErrWebAuthnRegisterEmptyRelyingPartyID StandardError = "webauthn register attestation object auth data rpIdHash empty" ErrWebAuthnRegisterEmptyFlags StandardError = "webauthn register attestation object auth data flags empty" ErrWebAuthnRegisterPublicKeyNotFound StandardError = "webauthn register attestation object auth data credential public key not found" ErrWebAuthnRegisterPublicKeyUnsupported StandardError = "webauthn register attestation object auth data credential public key type %v is unsupported" ErrWebAuthnRegisterPublicKeyTypeNotFound StandardError = "webauthn register attestation object auth data credential public key type not found" ErrWebAuthnRegisterPublicKeyAlgorithmUnsupported StandardError = "webauthn register attestation object auth data credential public key algorithm %v is unsupported" ErrWebAuthnRegisterPublicKeyAlgorithmNotFound StandardError = "webauthn register attestation object auth data credential public key algorithm not found" ErrWebAuthnRegisterPublicKeyCurveUnsupported StandardError = "webauthn register attestation object auth data credential public key curve_type %v is unsupported" ErrWebAuthnRegisterPublicKeyTypeAlgorithmUnsupported StandardError = "webauthn register attestation object auth data credential public key type %q and algorithm %q are unsupported" ErrWebAuthnRegisterPublicKeyCurveCoord StandardError = "webauthn register attestation object auth data credential public key curve %v coordinate error: %v" ErrWebAuthnRequest StandardError = "webauthn request failed: %v" ErrWebAuthnVerifyRequest StandardError = "webauthn authentication request failed: %v" )
MFA token errors.
const ( ErrNotifyRequestDataNil StandardError = "notification request has no data" ErrNotifyRequestTemplateUnsupported StandardError = "notification request template %q is unsupported" ErrNotifyRequestFieldNotFound StandardError = "notification request is missing required %q field" ErrNotifyRequestLangUnsupported StandardError = "notification request %q language is unsupported" ErrNotifyRequestEmailProviderNotFound StandardError = "notification request %q email provider not found" ErrNotifyRequestEmailProviderCredNotFound StandardError = "notification request %q email provider credentials not found" ErrNotifyRequestCredNotFound StandardError = "notification request %q email provider %q credentials not found" ErrNotifyRequestProviderTypeUnsupported StandardError = "notification request %q email provider type %q is unsupported" ErrNotifyRequestEmail StandardError = "notification request via %q email provider failed: %v" ErrNotifyRequestMessagingNil StandardError = "notification request via %q email provider has no access to messaging" ErrNotifyRequestCredNil StandardError = "notification request via %q email provider has no access to credentials" )
Notification Errors
const ( ErrOperatorNotAvailable StandardError = "%s operation is not available" ErrOperatorNotSupported StandardError = "%s operation not supported" )
Operator errors.
const ( ErrNewPortalLoggerNil StandardError = "failed initializing portal: logger is nil" ErrNewPortalConfigNil StandardError = "failed initializing portal: config is nil" ErrNewPortal StandardError = "failed initializing portal: %v" ErrPortalRegistryEntryNotFound StandardError = "authentication portal %q not found in registry" ErrPortalRegistryEntryExists StandardError = "authentication portal %q already registered" )
Portal errors.
const ( ErrPublicKeyEmptyPayload StandardError = "public key payload is empty" ErrPublicKeyInvalidUsage StandardError = "public key usage %q is invalid" ErrPublicKeyUsagePayloadMismatch StandardError = "public key usage %q does not match its payload" ErrPublicKeyBlockType StandardError = "public key block type %q is invalid" ErrPublicKeyParse StandardError = "public key parse failed: %v" ErrPublicKeyUsageUnsupported StandardError = "public key usage %q is unsupported" ErrPublicKeyTypeUnsupported StandardError = "public key type %q is unsupported" )
Public key errors.
const ( // User Registration errors ErrUserRegistrationConfig StandardError = "user registration configuration for %q instance failed: %v" ErrUserRegistryConfigureLoggerNotFound StandardError = "user registry has no logger" ErrUserRegistryConfigMessagingNil StandardError = "user registration config %q messaging is nil" ErrUserRegistryConfigMessagingProviderNotFound StandardError = "user registration config %q messaging provider %q not found" ErrUserRegistryConfigMessagingProviderCredentialsNotFound StandardError = "user registration config %q messaging provider %q has no associated credentials" ErrUserRegistryConfigCredentialsNil StandardError = "user registration config %q credentials is nil" ErrUserRegistryConfigCredentialsNotFound StandardError = "user registration config %q credential %q not found" ErrUserRegistryConfigAdminEmailNotFound StandardError = "user registration config %q registration admin email not found" )
Registry errors.
const ( ErrSingleSignOnProviderConfigInvalid StandardError = "invalid sso provider config: %v: %v" ErrSingleSignOnProviderConfigureLoggerNotFound StandardError = "sso provider configuration has no logger" )
SSO Provider Errors
const ( ErrClaimNil StandardError = "user claim is nil" ErrInvalidUserDataType StandardError = "user data type is invalid" ErrCheckpointInvalidType StandardError = "failed creating checkpoint with %T data type: %v" ErrCheckpointInvalidInput StandardError = "failed creating checkpoint for %v: %v" ErrCheckpointEmpty StandardError = "failed creating checkpoint: empty input" ErrFrontendLinkInvalidType StandardError = "failed creating frontend link with %T data type: %v" )
User Errors
const ( ErrValidatorCryptoKeyStoreNoKeys StandardError = "token validator: no keys found when adding to keystore" ErrValidatorCryptoKeyStoreNoVerifyKeys StandardError = "token validator: no verification keys found when adding to keystore" ErrValidatorInvalidToken StandardError = "token validator: invalid token: %v" ErrInvalidSourcePriority StandardError = "token validator: invalid token source priority" ErrInvalidSourceName StandardError = "token validator: invalid token source name: %s" ErrDuplicateSourceName StandardError = "token validator: duplicate token source name: %s" ErrTokenNamesNotFound StandardError = "token validator: allowed token names not provided" ErrEmptyTokenName StandardError = "token validator: a token name is empty" ErrDuplicateTokenName StandardError = "token validator: duplicate allowed token name: %s" ErrTokenValidatorOptionsNotFound StandardError = "token validator: options not found" ErrValidatorAuthProxy StandardError = "token validator: auth proxy config is nil" ErrValidatorAuthProxyPortalName StandardError = "token validator: auth proxy config has empty portal name" ErrValidatorAuthProxyNotFound StandardError = "token validator: auth proxy %q not found" )
Token Validator Errors
const (
ErrNewServer StandardError = "server initialization failed: %s: %v"
)
Server Errors
func (StandardError) Error ¶
func (e StandardError) Error() string
func (StandardError) WithArgs ¶
func (e StandardError) WithArgs(v ...interface{}) error
WithArgs accepts errors with parameters.
Source Files
¶
- acl.go
- api_key.go
- auth.go
- authproxy.go
- cache.go
- cfgutil.go
- common.go
- config.go
- credentials.go
- database.go
- errors.go
- gatekeeper.go
- grantor.go
- identity_provider.go
- identity_store.go
- jwks.go
- kms.go
- messaging.go
- mfa_token.go
- notification.go
- operator.go
- portal.go
- public_key.go
- registry.go
- server.go
- sso.go
- user.go
- validator.go
Click to show internal directories.
Click to hide internal directories.