diff --git a/src/api/common/signature/error.rs b/src/api/common/signature/error.rs index a1b353e1..8d86f042 100644 --- a/src/api/common/signature/error.rs +++ b/src/api/common/signature/error.rs @@ -11,8 +11,13 @@ pub enum Error { Common(CommonError), /// Authorization Header Malformed - #[error("Authorization header malformed, unexpected scope: {0}")] - AuthorizationHeaderMalformed(String), + #[error( + "Authorization header malformed, unexpected scope: '{unexpected}', expected: '{expected}'" + )] + AuthorizationHeaderMalformed { + unexpected: String, + expected: String, + }, // Category: bad request /// The request contained an invalid UTF-8 sequence in its path or in other parameters diff --git a/src/api/common/signature/payload.rs b/src/api/common/signature/payload.rs index ec4558e6..0b0e8de6 100644 --- a/src/api/common/signature/payload.rs +++ b/src/api/common/signature/payload.rs @@ -400,7 +400,10 @@ pub fn verify_v4( ) -> Result { let scope_expected = compute_scope(&auth.date, &garage.config.s3_api.s3_region, service); if auth.scope != scope_expected { - return Err(Error::AuthorizationHeaderMalformed(auth.scope.to_string())); + return Err(Error::AuthorizationHeaderMalformed { + unexpected: auth.scope.to_string(), + expected: scope_expected, + }); } let key = garage diff --git a/src/api/k2v/error.rs b/src/api/k2v/error.rs index 7ce3b073..797eb868 100644 --- a/src/api/k2v/error.rs +++ b/src/api/k2v/error.rs @@ -20,8 +20,13 @@ pub enum Error { // Category: cannot process /// Authorization Header Malformed - #[error("Authorization header malformed, unexpected scope: {0}")] - AuthorizationHeaderMalformed(String), + #[error( + "Authorization header malformed, unexpected scope: '{unexpected}', expected: '{expected}'" + )] + AuthorizationHeaderMalformed { + unexpected: String, + expected: String, + }, /// The provided digest (checksum) value was invalid #[error("Invalid digest: {0}")] @@ -54,9 +59,13 @@ impl From for Error { fn from(err: SignatureError) -> Self { match err { SignatureError::Common(c) => Self::Common(c), - SignatureError::AuthorizationHeaderMalformed(c) => { - Self::AuthorizationHeaderMalformed(c) - } + SignatureError::AuthorizationHeaderMalformed { + unexpected, + expected, + } => Self::AuthorizationHeaderMalformed { + unexpected, + expected, + }, SignatureError::InvalidUtf8Str(i) => Self::InvalidUtf8Str(i), SignatureError::InvalidDigest(d) => Self::InvalidDigest(d), } @@ -72,7 +81,7 @@ impl Error { Error::Common(c) => c.aws_code(), Error::NoSuchKey => "NoSuchKey", Error::NotAcceptable(_) => "NotAcceptable", - Error::AuthorizationHeaderMalformed(_) => "AuthorizationHeaderMalformed", + Error::AuthorizationHeaderMalformed { .. } => "AuthorizationHeaderMalformed", Error::InvalidBase64(_) => "InvalidBase64", Error::InvalidUtf8Str(_) => "InvalidUtf8String", Error::InvalidCausalityToken => "CausalityToken", @@ -88,7 +97,7 @@ impl ApiError for Error { Error::Common(c) => c.http_status_code(), Error::NoSuchKey => StatusCode::NOT_FOUND, Error::NotAcceptable(_) => StatusCode::NOT_ACCEPTABLE, - Error::AuthorizationHeaderMalformed(_) + Error::AuthorizationHeaderMalformed { .. } | Error::InvalidBase64(_) | Error::InvalidUtf8Str(_) | Error::InvalidDigest(_) diff --git a/src/api/s3/error.rs b/src/api/s3/error.rs index 74ef6692..09aa0604 100644 --- a/src/api/s3/error.rs +++ b/src/api/s3/error.rs @@ -31,8 +31,13 @@ pub enum Error { // Category: cannot process /// Authorization Header Malformed - #[error("Authorization header malformed, unexpected scope: {0}")] - AuthorizationHeaderMalformed(String), + #[error( + "Authorization header malformed, unexpected scope: '{unexpected}', expected: '{expected}'" + )] + AuthorizationHeaderMalformed { + unexpected: String, + expected: String, + }, /// The object requested don't exists #[error("Key not found")] @@ -121,9 +126,13 @@ impl From for Error { fn from(err: SignatureError) -> Self { match err { SignatureError::Common(c) => Self::Common(c), - SignatureError::AuthorizationHeaderMalformed(c) => { - Self::AuthorizationHeaderMalformed(c) - } + SignatureError::AuthorizationHeaderMalformed { + unexpected, + expected, + } => Self::AuthorizationHeaderMalformed { + unexpected, + expected, + }, SignatureError::InvalidUtf8Str(i) => Self::InvalidUtf8Str(i), SignatureError::InvalidDigest(d) => Self::InvalidDigest(d), } @@ -146,7 +155,7 @@ impl Error { Error::InvalidPart => "InvalidPart", Error::InvalidPartOrder => "InvalidPartOrder", Error::EntityTooSmall => "EntityTooSmall", - Error::AuthorizationHeaderMalformed(_) => "AuthorizationHeaderMalformed", + Error::AuthorizationHeaderMalformed { .. } => "AuthorizationHeaderMalformed", Error::InvalidXml(_) => "MalformedXML", Error::InvalidXmlDe(_) => "MalformedXML", Error::InvalidXmlSe(_) => "InternalError", @@ -172,7 +181,7 @@ impl ApiError for Error { Error::PreconditionFailed => StatusCode::PRECONDITION_FAILED, Error::InvalidRange(_) => StatusCode::RANGE_NOT_SATISFIABLE, Error::InvalidXmlSe(_) => StatusCode::INTERNAL_SERVER_ERROR, - Error::AuthorizationHeaderMalformed(_) + Error::AuthorizationHeaderMalformed { .. } | Error::InvalidPart | Error::InvalidPartOrder | Error::EntityTooSmall