From 9c641ac605f4e623bf7d6157689aaf918e2a5dbf Mon Sep 17 00:00:00 2001 From: hamid ghaf Date: Wed, 28 Jul 2021 12:52:15 -0700 Subject: [PATCH 1/5] VAULT-1303 when a request to vault fails, show namespace if set --- api/response.go | 18 +++++++++++++++--- http/handler.go | 3 +++ 2 files changed, 18 insertions(+), 3 deletions(-) diff --git a/api/response.go b/api/response.go index ae350c979165..bf18def3cf61 100644 --- a/api/response.go +++ b/api/response.go @@ -41,12 +41,14 @@ func (r *Response) Error() error { r.Body.Close() r.Body = ioutil.NopCloser(bodyBuf) + ns := r.Header.Get("X-Vault-Namespace") // Build up the error object respErr := &ResponseError{ - HTTPMethod: r.Request.Method, - URL: r.Request.URL.String(), - StatusCode: r.StatusCode, + HTTPMethod: r.Request.Method, + URL: r.Request.URL.String(), + StatusCode: r.StatusCode, + NamespacePath: ns, } // Decode the error response if we can. Note that we wrap the bodyBuf @@ -92,6 +94,10 @@ type ResponseError struct { // Errors are the underlying errors returned by Vault. Errors []string + + // Namespace path to be reported to the client if it is set to anything other + // than root + NamespacePath string } // Error returns a human-readable error string for the response error. @@ -101,9 +107,15 @@ func (r *ResponseError) Error() string { errString = "Raw Message" } + ns := r.NamespacePath + if ns != "" && ns != "root/" { + ns = "Namespace: " + ns + "\n" + } + var errBody bytes.Buffer errBody.WriteString(fmt.Sprintf( "Error making API request.\n\n"+ + ns+ "URL: %s %s\n"+ "Code: %d. %s:\n\n", r.HTTPMethod, r.URL, r.StatusCode, errString)) diff --git a/http/handler.go b/http/handler.go index 831c0651b12d..d7abb26392c0 100644 --- a/http/handler.go +++ b/http/handler.go @@ -350,6 +350,9 @@ func wrapGenericHandler(core *vault.Core, h http.Handler, props *vault.HandlerPr return } + // Setting the namespace in the header to be included in the error message + w.Header().Set("X-Vault-Namespace", r.Header.Get("X-Vault-Namespace")) + h.ServeHTTP(w, r) cancelFunc() From 0cc4bd16fa545f83aab10dbc2499aad512454353 Mon Sep 17 00:00:00 2001 From: hamid ghaf Date: Wed, 28 Jul 2021 16:11:27 -0700 Subject: [PATCH 2/5] Adding changelog --- changelog/12061.txt | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 changelog/12061.txt diff --git a/changelog/12061.txt b/changelog/12061.txt new file mode 100644 index 000000000000..28b6b6467b2e --- /dev/null +++ b/changelog/12061.txt @@ -0,0 +1,3 @@ +```release-note:bug +core (enterprise): namespace header included in responses, Go client uses it when displaying error messages +``` From 33419e953c81a35900b45afa5e45a8415414ee6a Mon Sep 17 00:00:00 2001 From: hamid ghaf Date: Thu, 29 Jul 2021 07:32:39 -0700 Subject: [PATCH 3/5] Fix Changelog file name --- changelog/{12061.txt => 12196.txt} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename changelog/{12061.txt => 12196.txt} (100%) diff --git a/changelog/12061.txt b/changelog/12196.txt similarity index 100% rename from changelog/12061.txt rename to changelog/12196.txt From f4ab56f89d0728574c072ae9fb4422db94d242ea Mon Sep 17 00:00:00 2001 From: hamid ghaf Date: Thu, 29 Jul 2021 11:43:59 -0700 Subject: [PATCH 4/5] Set namespace in ResponseWriter headers if it is set --- api/response.go | 6 +++--- http/handler.go | 5 ++++- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/api/response.go b/api/response.go index bf18def3cf61..9746e146954f 100644 --- a/api/response.go +++ b/api/response.go @@ -107,9 +107,9 @@ func (r *ResponseError) Error() string { errString = "Raw Message" } - ns := r.NamespacePath - if ns != "" && ns != "root/" { - ns = "Namespace: " + ns + "\n" + var ns string + if r.NamespacePath != "" && r.NamespacePath != "root/" { + ns = "Namespace: " + r.NamespacePath + "\n" } var errBody bytes.Buffer diff --git a/http/handler.go b/http/handler.go index d7abb26392c0..b8f2a65c18b1 100644 --- a/http/handler.go +++ b/http/handler.go @@ -351,7 +351,10 @@ func wrapGenericHandler(core *vault.Core, h http.Handler, props *vault.HandlerPr } // Setting the namespace in the header to be included in the error message - w.Header().Set("X-Vault-Namespace", r.Header.Get("X-Vault-Namespace")) + ns := r.Header.Get("X-Vault-Namespace") + if ns != "" { + w.Header().Set("X-Vault-Namespace", ns) + } h.ServeHTTP(w, r) From 6daad76664abfe18f6dc1be0751dec10d7c70398 Mon Sep 17 00:00:00 2001 From: hamid ghaf Date: Fri, 30 Jul 2021 08:42:18 -0700 Subject: [PATCH 5/5] Using consts.NamespaceHeaderName instead of the literal string --- api/response.go | 3 ++- http/handler.go | 4 ++-- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/api/response.go b/api/response.go index 9746e146954f..9ce3d12aacca 100644 --- a/api/response.go +++ b/api/response.go @@ -7,6 +7,7 @@ import ( "io/ioutil" "net/http" + "github.com/hashicorp/vault/sdk/helper/consts" "github.com/hashicorp/vault/sdk/helper/jsonutil" ) @@ -41,7 +42,7 @@ func (r *Response) Error() error { r.Body.Close() r.Body = ioutil.NopCloser(bodyBuf) - ns := r.Header.Get("X-Vault-Namespace") + ns := r.Header.Get(consts.NamespaceHeaderName) // Build up the error object respErr := &ResponseError{ diff --git a/http/handler.go b/http/handler.go index b8f2a65c18b1..11bdcbad17b7 100644 --- a/http/handler.go +++ b/http/handler.go @@ -351,9 +351,9 @@ func wrapGenericHandler(core *vault.Core, h http.Handler, props *vault.HandlerPr } // Setting the namespace in the header to be included in the error message - ns := r.Header.Get("X-Vault-Namespace") + ns := r.Header.Get(consts.NamespaceHeaderName) if ns != "" { - w.Header().Set("X-Vault-Namespace", ns) + w.Header().Set(consts.NamespaceHeaderName, ns) } h.ServeHTTP(w, r)