Handle OAuth2 AuthorizationExceptions in pub.

utils/pub/command_lish.dart

 // Copyright (c) 2012, the Dart project authors.  Please see the AUTHORS file
 // for details. All rights reserved. Use of this source code is governed by a
 // BSD-style license that can be found in the LICENSE file.
 
 library command_lish;
 
 import 'dart:io';
 import 'dart:json';
 import 'dart:uri';
 
@@ skipping 18 matching lines @@
         help: 'The package server to which to upload this package');
     return parser;
   }
 
   /// The URL of the server to which to upload the package.
   Uri get server => new Uri.fromString(commandOptions['server']);
 
   Future onRun() {
     var cloudStorageUrl;
     return oauth2.withClient(cache, (client) {
-      // TODO(nweiz): Better error-handling. There are a few cases we need to
-      // handle better:
-      //
-      // * The server can tell us we need new credentials (a 401 error). The
-      //   oauth2 package should throw an AuthorizationException in this case
-      //   (contingent on issue 6813 and 6275). We should have the user
-      //   re-authorize the client, then restart the command. We should also do
-      //   this in case of an ExpirationException. See issue 6950.
-      //
-      // * Cloud Storage can provide an XML-formatted error. We should report
-      //   that error and exit.
+      // TODO(nweiz): Cloud Storage can provide an XML-formatted error. We
+      // should report that error and exit.
       return Futures.wait([
         client.get(server.resolve("/packages/versions/new.json")),
         _filesToPublish.transform((files) {
           return createTarGz(files, baseDir: entrypoint.root.dir);
         }).chain(consumeInputStream)
       ]).chain((results) {
         var response = results[0];
         var packageBytes = results[1];
         var parameters = _parseJson(response);
 
@@ skipping 36 matching lines @@
           throw 'Failed to upload the package.';
         } else if (url.origin == server.origin) {
           var errorMap = _parseJson(e.response);
           if (errorMap['error'] is! Map ||
               !errorMap['error'].containsKey('message') ||
               errorMap['error']['message'] is! String) {
             _invalidServerResponse(e.response);
           }
           throw errorMap['error']['message'];
         }
+      } else if (e is oauth2.ExpirationException) {
+        printError("Pub's authorization to upload packages has expired and "
+            "can't be automatically refreshed.");
+        return onRun();
+      } else if (e is oauth2.AuthorizationException) {
+        var message = "OAuth2 authorization failed";
+        if (e.description != null) message = "$message (${e.description})";
+        printError("$message.");
+        return oauth2.clearCredentials(cache).chain((_) => onRun());
+      } else {
+        throw e;
       }
-
-      if (e is! oauth2.ExpirationException) throw e;
-
-      printError("Pub's authorization to upload packages has expired and can't "
-          "be automatically refreshed.");
-      return onRun();
     });
   }
 
   /// The basenames of files that are automatically excluded from archives.
   final _BLACKLISTED_FILES = const ['pubspec.lock'];
 
   /// The basenames of directories that are automatically excluded from
   /// archives.
   final _BLACKLISTED_DIRECTORIES = const ['packages'];
 
@@ skipping 45 matching lines @@
   _expectField(Map map, String key, http.Response response) {
     if (map.containsKey(key)) return map[key];
     _invalidServerResponse(response);
   }
 
   /// Throws an error describing an invalid response from the server.
   void _invalidServerResponse(http.Response response) {
     throw 'Invalid server response:\n${response.body}';
   }
 }