ErrBadType = errors.New("type must be client or network")
// ErrNoMatchID is returned when Delete is called on nonexisting ID.
ErrNoMatchID = errors.New("nonexisting access token ID")
+ // ErrInvalidToken is returned when Check is called on invalid token
+ ErrInvalidToken = errors.New("invalid token")
// validIDRegexp checks that all characters are alphumeric, _ or -.
// It also must have a length of at least 1.
return true, nil
}
- return false, nil
+ return false, ErrInvalidToken
}
// List lists all access tokens.
}
valid, err = cs.Check(ctx, "x", "badsecret")
- if err != nil {
- t.Fatal(err)
+ if err == nil {
+ t.Fatal("invalid token check passed")
}
if valid {
t.Fatal("expected bad secret to not be valid")
var loopbackOn = true
var (
- //ErrInvalidToken is returned when authenticate is called with invalide token.
+ //ErrInvalidToken is returned when authenticate is called with invalid token.
ErrInvalidToken = errors.New("invalid token")
//ErrNoToken is returned when authenticate is called with no token.
ErrNoToken = errors.New("no token")
a.tokenMu.Unlock()
if !ok || time.Now().After(res.lastLookup.Add(tokenExpiry)) {
valid, err := a.tokens.Check(ctx, user, pw)
- if err != nil {
- return errors.Wrap(err)
+ if err != nil || !valid {
+ return ErrInvalidToken
}
res = tokenResult{valid: valid, lastLookup: time.Now()}
a.tokenMu.Lock()
a.tokenMap[user+pw] = res
a.tokenMu.Unlock()
}
- if !res.valid {
- return ErrInvalidToken
- }
return nil
}