Return a typed error

This commit is contained in:
Mariano Cano 2022-09-20 10:36:44 -07:00
parent 6686f0437d
commit 495494ce8f
2 changed files with 28 additions and 9 deletions

View file

@ -12,10 +12,11 @@ var oidExtensionNameConstraints = []int{2, 5, 29, 30}
type ConstraintError struct {
Type string
Name string
Detail string
}
func (e ConstraintError) Error() string {
return fmt.Sprintf("%s %q is not allowed", e.Type, e.Name)
return e.Detail
}
type service struct {
@ -74,7 +75,8 @@ func (s *service) Validate(dnsNames []string, ipAddresses []*net.IP, emailAddres
if err := checkNameConstraints("IP address", ip.String(), ip, s.permittedIPRanges, s.excludedIPRanges,
func(parsedName, constraint any) (bool, error) {
return matchIPConstraint(parsedName.(net.IP), constraint.(*net.IPNet))
}); err != nil {
},
); err != nil {
return err
}
}
@ -97,7 +99,8 @@ func (s *service) Validate(dnsNames []string, ipAddresses []*net.IP, emailAddres
if err := checkNameConstraints("URI", uri.String(), uri, s.permittedURIDomains, s.excludedURIDomains,
func(parsedName, constraint any) (bool, error) {
return matchURIConstraint(parsedName.(*url.URL), constraint.(string))
}); err != nil {
},
); err != nil {
return err
}
}

View file

@ -43,11 +43,19 @@ func checkNameConstraints(nameType string, name string, parsedName any, permitte
constraint := excludedValue.Index(i).Interface()
match, err := match(parsedName, constraint)
if err != nil {
return err
return ConstraintError{
Type: nameType,
Name: name,
Detail: err.Error(),
}
}
if match {
return fmt.Errorf("%s %q is excluded by constraint %q", nameType, name, constraint)
return ConstraintError{
Type: nameType,
Name: name,
Detail: fmt.Sprintf("%s %q is excluded by constraint %q", nameType, name, constraint),
}
}
}
@ -60,14 +68,22 @@ func checkNameConstraints(nameType string, name string, parsedName any, permitte
for i := 0; i < permittedValue.Len(); i++ {
constraint := permittedValue.Index(i).Interface()
if ok, err = match(parsedName, constraint); err != nil {
return err
return ConstraintError{
Type: nameType,
Name: name,
Detail: err.Error(),
}
}
if ok {
break
}
}
if !ok {
return fmt.Errorf("%s %q is not permitted by any constraint", nameType, name)
return ConstraintError{
Type: nameType,
Name: name,
Detail: fmt.Sprintf("%s %q is not permitted by any constraint", nameType, name),
}
}
return nil