|
|
|
//
|
|
|
|
// Error generator macro
|
|
|
|
//
|
|
|
|
use std::error::Error as StdError;
|
|
|
|
|
|
|
|
macro_rules! make_error {
|
|
|
|
( $( $name:ident ( $ty:ty ): $src_fn:expr, $usr_msg_fun:expr ),+ $(,)? ) => {
|
|
|
|
const BAD_REQUEST: u16 = 400;
|
|
|
|
|
|
|
|
pub enum ErrorKind { $($name( $ty )),+ }
|
|
|
|
pub struct Error { message: String, error: ErrorKind, error_code: u16 }
|
|
|
|
|
|
|
|
$(impl From<$ty> for Error {
|
|
|
|
fn from(err: $ty) -> Self { Error::from((stringify!($name), err)) }
|
|
|
|
})+
|
|
|
|
$(impl<S: Into<String>> From<(S, $ty)> for Error {
|
|
|
|
fn from(val: (S, $ty)) -> Self {
|
|
|
|
Error { message: val.0.into(), error: ErrorKind::$name(val.1), error_code: BAD_REQUEST }
|
|
|
|
}
|
|
|
|
})+
|
|
|
|
impl StdError for Error {
|
|
|
|
fn source(&self) -> Option<&(dyn StdError + 'static)> {
|
|
|
|
match &self.error {$( ErrorKind::$name(e) => $src_fn(e), )+}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
impl std::fmt::Display for Error {
|
|
|
|
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
|
|
|
|
match &self.error {$(
|
|
|
|
ErrorKind::$name(e) => f.write_str(&$usr_msg_fun(e, &self.message)),
|
|
|
|
)+}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
};
|
|
|
|
}
|
|
|
|
|
|
|
|
use diesel::r2d2::PoolError as R2d2Err;
|
|
|
|
use diesel::result::Error as DieselErr;
|
|
|
|
use diesel::ConnectionError as DieselConErr;
|
|
|
|
use diesel_migrations::RunMigrationsError as DieselMigErr;
|
|
|
|
use handlebars::RenderError as HbErr;
|
|
|
|
use jsonwebtoken::errors::Error as JwtErr;
|
|
|
|
use lettre::address::AddressError as AddrErr;
|
|
|
|
use lettre::error::Error as LettreErr;
|
|
|
|
use lettre::transport::smtp::Error as SmtpErr;
|
|
|
|
use openssl::error::ErrorStack as SSLErr;
|
|
|
|
use regex::Error as RegexErr;
|
|
|
|
use reqwest::Error as ReqErr;
|
|
|
|
use rocket::error::Error as RocketErr;
|
|
|
|
use serde_json::{Error as SerdeErr, Value};
|
|
|
|
use std::io::Error as IoErr;
|
|
|
|
use std::time::SystemTimeError as TimeErr;
|
|
|
|
use webauthn_rs::error::WebauthnError as WebauthnErr;
|
|
|
|
use yubico::yubicoerror::YubicoError as YubiErr;
|
|
|
|
|
|
|
|
#[derive(Serialize)]
|
|
|
|
pub struct Empty {}
|
|
|
|
|
|
|
|
// Error struct
|
|
|
|
// Contains a String error message, meant for the user and an enum variant, with an error of different types.
|
|
|
|
//
|
|
|
|
// After the variant itself, there are two expressions. The first one indicates whether the error contains a source error (that we pretty print).
|
|
|
|
// The second one contains the function used to obtain the response sent to the client
|
|
|
|
make_error! {
|
|
|
|
// Just an empty error
|
|
|
|
Empty(Empty): _no_source, _serialize,
|
|
|
|
// Used to represent err! calls
|
|
|
|
Simple(String): _no_source, _api_error,
|
|
|
|
// Used for special return values, like 2FA errors
|
|
|
|
Json(Value): _no_source, _serialize,
|
|
|
|
Db(DieselErr): _has_source, _api_error,
|
|
|
|
R2d2(R2d2Err): _has_source, _api_error,
|
|
|
|
Serde(SerdeErr): _has_source, _api_error,
|
|
|
|
JWt(JwtErr): _has_source, _api_error,
|
|
|
|
Handlebars(HbErr): _has_source, _api_error,
|
|
|
|
|
|
|
|
Io(IoErr): _has_source, _api_error,
|
|
|
|
Time(TimeErr): _has_source, _api_error,
|
|
|
|
Req(ReqErr): _has_source, _api_error,
|
|
|
|
Regex(RegexErr): _has_source, _api_error,
|
|
|
|
Yubico(YubiErr): _has_source, _api_error,
|
|
|
|
|
|
|
|
Lettre(LettreErr): _has_source, _api_error,
|
|
|
|
Address(AddrErr): _has_source, _api_error,
|
|
|
|
Smtp(SmtpErr): _has_source, _api_error,
|
|
|
|
OpenSSL(SSLErr): _has_source, _api_error,
|
|
|
|
Rocket(RocketErr): _has_source, _api_error,
|
|
|
|
|
|
|
|
DieselCon(DieselConErr): _has_source, _api_error,
|
|
|
|
DieselMig(DieselMigErr): _has_source, _api_error,
|
|
|
|
Webauthn(WebauthnErr): _has_source, _api_error,
|
|
|
|
}
|
|
|
|
|
|
|
|
impl std::fmt::Debug for Error {
|
|
|
|
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
|
|
|
|
match self.source() {
|
|
|
|
Some(e) => write!(f, "{}.\n[CAUSE] {:#?}", self.message, e),
|
|
|
|
None => match self.error {
|
|
|
|
ErrorKind::Empty(_) => Ok(()),
|
|
|
|
ErrorKind::Simple(ref s) => {
|
|
|
|
if &self.message == s {
|
|
|
|
write!(f, "{}", self.message)
|
|
|
|
} else {
|
|
|
|
write!(f, "{}. {}", self.message, s)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
ErrorKind::Json(_) => write!(f, "{}", self.message),
|
|
|
|
_ => unreachable!(),
|
|
|
|
},
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
impl Error {
|
|
|
|
pub fn new<M: Into<String>, N: Into<String>>(usr_msg: M, log_msg: N) -> Self {
|
|
|
|
(usr_msg, log_msg.into()).into()
|
|
|
|
}
|
|
|
|
|
|
|
|
pub fn empty() -> Self {
|
|
|
|
Empty {}.into()
|
|
|
|
}
|
|
|
|
|
|
|
|
#[must_use]
|
|
|
|
pub fn with_msg<M: Into<String>>(mut self, msg: M) -> Self {
|
|
|
|
self.message = msg.into();
|
|
|
|
self
|
|
|
|
}
|
|
|
|
|
|
|
|
#[must_use]
|
|
|
|
pub const fn with_code(mut self, code: u16) -> Self {
|
|
|
|
self.error_code = code;
|
|
|
|
self
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
pub trait MapResult<S> {
|
|
|
|
fn map_res(self, msg: &str) -> Result<S, Error>;
|
|
|
|
}
|
|
|
|
|
|
|
|
impl<S, E: Into<Error>> MapResult<S> for Result<S, E> {
|
|
|
|
fn map_res(self, msg: &str) -> Result<S, Error> {
|
|
|
|
self.map_err(|e| e.into().with_msg(msg))
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
impl<E: Into<Error>> MapResult<()> for Result<usize, E> {
|
|
|
|
fn map_res(self, msg: &str) -> Result<(), Error> {
|
|
|
|
self.and(Ok(())).map_res(msg)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
impl<S> MapResult<S> for Option<S> {
|
|
|
|
fn map_res(self, msg: &str) -> Result<S, Error> {
|
|
|
|
self.ok_or_else(|| Error::new(msg, ""))
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
#[allow(clippy::unnecessary_wraps)]
|
|
|
|
const fn _has_source<T>(e: T) -> Option<T> {
|
|
|
|
Some(e)
|
|
|
|
}
|
|
|
|
fn _no_source<T, S>(_: T) -> Option<S> {
|
|
|
|
None
|
|
|
|
}
|
|
|
|
|
|
|
|
fn _serialize(e: &impl serde::Serialize, _msg: &str) -> String {
|
|
|
|
serde_json::to_string(e).unwrap()
|
|
|
|
}
|
|
|
|
|
|
|
|
fn _api_error(_: &impl std::any::Any, msg: &str) -> String {
|
|
|
|
let json = json!({
|
|
|
|
"Message": msg,
|
|
|
|
"error": "",
|
|
|
|
"error_description": "",
|
|
|
|
"ValidationErrors": {"": [ msg ]},
|
|
|
|
"ErrorModel": {
|
|
|
|
"Message": msg,
|
|
|
|
"Object": "error"
|
|
|
|
},
|
Added web-vault v2.21.x support + some misc fixes
- The new web-vault v2.21.0+ has support for Master Password Reset. For
this to work it generates a public/private key-pair which needs to be
stored in the database. Currently the Master Password Reset is not
fixed, but there are endpoints which are needed even if we do not
support this feature (yet). This PR fixes those endpoints, and stores
the keys already in the database.
- There was an issue when you want to do a key-rotate when you change
your password, it also called an Emergency Access endpoint, which we do
not yet support. Because this endpoint failed to reply correctly
produced some errors, and also prevent the user from being forced to
logout. This resolves #1826 by adding at least that endpoint.
Because of that extra endpoint check to Emergency Access is done using
an old user stamp, i also modified the stamp exception to allow multiple
rocket routes to be called, and added an expiration timestamp to it.
During these tests i stumbled upon an issue that after my key-change was
done, it triggered the websockets to try and reload my ciphers, because
they were updated. This shouldn't happen when rotating they keys, since
all access should be invalided. Now there will be no websocket
notification for this, which also prevents error toasts.
- Increased Send Size limit to 500MB (with a litle overhead)
As a side note, i tested these changes on both v2.20.4 and v2.21.1 web-vault versions, all keeps working.
4 years ago
|
|
|
"ExceptionMessage": null,
|
|
|
|
"ExceptionStackTrace": null,
|
|
|
|
"InnerExceptionMessage": null,
|
|
|
|
"Object": "error"
|
|
|
|
});
|
|
|
|
_serialize(&json, "")
|
|
|
|
}
|
|
|
|
|
|
|
|
//
|
|
|
|
// Rocket responder impl
|
|
|
|
//
|
|
|
|
use std::io::Cursor;
|
|
|
|
|
|
|
|
use rocket::http::{ContentType, Status};
|
|
|
|
use rocket::request::Request;
|
|
|
|
use rocket::response::{self, Responder, Response};
|
|
|
|
|
|
|
|
impl<'r> Responder<'r, 'static> for Error {
|
|
|
|
fn respond_to(self, _: &Request<'_>) -> response::Result<'static> {
|
|
|
|
match self.error {
|
|
|
|
ErrorKind::Empty(_) => {} // Don't print the error in this situation
|
|
|
|
ErrorKind::Simple(_) => {} // Don't print the error in this situation
|
|
|
|
_ => error!(target: "error", "{:#?}", self),
|
|
|
|
};
|
|
|
|
|
|
|
|
let code = Status::from_code(self.error_code).unwrap_or(Status::BadRequest);
|
|
|
|
let body = self.to_string();
|
|
|
|
Response::build().status(code).header(ContentType::JSON).sized_body(Some(body.len()), Cursor::new(body)).ok()
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
//
|
|
|
|
// Error return macros
|
|
|
|
//
|
|
|
|
#[macro_export]
|
|
|
|
macro_rules! err {
|
|
|
|
($msg:expr) => {{
|
|
|
|
error!("{}", $msg);
|
|
|
|
return Err(crate::error::Error::new($msg, $msg));
|
|
|
|
}};
|
|
|
|
($usr_msg:expr, $log_value:expr) => {{
|
|
|
|
error!("{}. {}", $usr_msg, $log_value);
|
|
|
|
return Err(crate::error::Error::new($usr_msg, $log_value));
|
|
|
|
}};
|
|
|
|
}
|
|
|
|
|
|
|
|
macro_rules! err_silent {
|
|
|
|
($msg:expr) => {{
|
|
|
|
return Err(crate::error::Error::new($msg, $msg));
|
|
|
|
}};
|
|
|
|
($usr_msg:expr, $log_value:expr) => {{
|
|
|
|
return Err(crate::error::Error::new($usr_msg, $log_value));
|
|
|
|
}};
|
|
|
|
}
|
|
|
|
|
|
|
|
#[macro_export]
|
|
|
|
macro_rules! err_code {
|
|
|
|
($msg:expr, $err_code: expr) => {{
|
|
|
|
error!("{}", $msg);
|
|
|
|
return Err(crate::error::Error::new($msg, $msg).with_code($err_code));
|
|
|
|
}};
|
|
|
|
($usr_msg:expr, $log_value:expr, $err_code: expr) => {{
|
|
|
|
error!("{}. {}", $usr_msg, $log_value);
|
|
|
|
return Err(crate::error::Error::new($usr_msg, $log_value).with_code($err_code));
|
|
|
|
}};
|
|
|
|
}
|
|
|
|
|
|
|
|
#[macro_export]
|
|
|
|
macro_rules! err_discard {
|
|
|
|
($msg:expr, $data:expr) => {{
|
|
|
|
std::io::copy(&mut $data.open(), &mut std::io::sink()).ok();
|
|
|
|
return Err(crate::error::Error::new($msg, $msg));
|
|
|
|
}};
|
|
|
|
($usr_msg:expr, $log_value:expr, $data:expr) => {{
|
|
|
|
std::io::copy(&mut $data.open(), &mut std::io::sink()).ok();
|
|
|
|
return Err(crate::error::Error::new($usr_msg, $log_value));
|
|
|
|
}};
|
|
|
|
}
|
|
|
|
|
|
|
|
#[macro_export]
|
|
|
|
macro_rules! err_json {
|
|
|
|
($expr:expr, $log_value:expr) => {{
|
|
|
|
return Err(($log_value, $expr).into());
|
|
|
|
}};
|
|
|
|
}
|
|
|
|
|
|
|
|
#[macro_export]
|
|
|
|
macro_rules! err_handler {
|
|
|
|
($expr:expr) => {{
|
|
|
|
error!(target: "auth", "Unauthorized Error: {}", $expr);
|
|
|
|
return ::rocket::request::Outcome::Failure((rocket::http::Status::Unauthorized, $expr));
|
|
|
|
}};
|
|
|
|
($usr_msg:expr, $log_value:expr) => {{
|
|
|
|
error!(target: "auth", "Unauthorized Error: {}. {}", $usr_msg, $log_value);
|
|
|
|
return ::rocket::request::Outcome::Failure((rocket::http::Status::Unauthorized, $usr_msg));
|
|
|
|
}};
|
|
|
|
}
|