| OLD | NEW |
|---|
| 1 // Copyright 2015 The LUCI Authors. All rights reserved. | 1 // Copyright 2015 The LUCI Authors. All rights reserved. |
| 2 // Use of this source code is governed under the Apache License, Version 2.0 | 2 // Use of this source code is governed under the Apache License, Version 2.0 |
| 3 // that can be found in the LICENSE file. | 3 // that can be found in the LICENSE file. |
| 4 | 4 |
| 5 // Package internal contains code used internally by common/auth. | 5 // Package internal contains code used internally by common/auth. |
| 6 package internal | 6 package internal |
| 7 | 7 |
| 8 import ( | 8 import ( |
| 9 "bytes" | 9 "bytes" |
| 10 "reflect" | 10 "reflect" |
| 11 "strings" | 11 "strings" |
| 12 "sync" | 12 "sync" |
| 13 "time" | 13 "time" |
| 14 | 14 |
| 15 "golang.org/x/net/context" | 15 "golang.org/x/net/context" |
| 16 "golang.org/x/oauth2" | 16 "golang.org/x/oauth2" |
| 17 | 17 |
| 18 "github.com/luci/luci-go/common/clock" | 18 "github.com/luci/luci-go/common/clock" |
| 19 "github.com/luci/luci-go/common/data/rand/mathrand" | 19 "github.com/luci/luci-go/common/data/rand/mathrand" |
| 20 "github.com/luci/luci-go/common/errors" | 20 "github.com/luci/luci-go/common/errors" |
| 21 "github.com/luci/luci-go/common/retry/transient" |
| 21 ) | 22 ) |
| 22 | 23 |
| 23 // expiryRandInterval is used by TokenExpiresInRnd. | 24 // expiryRandInterval is used by TokenExpiresInRnd. |
| 24 const expiryRandInterval = 30 * time.Second | 25 const expiryRandInterval = 30 * time.Second |
| 25 | 26 |
| 26 var ( | 27 var ( |
| 27 // ErrInsufficientAccess is returned by MintToken() if token can't be mi
nted | 28 // ErrInsufficientAccess is returned by MintToken() if token can't be mi
nted |
| 28 // for given OAuth scopes. For example, if GCE instance wasn't granted a
ccess | 29 // for given OAuth scopes. For example, if GCE instance wasn't granted a
ccess |
| 29 // to requested scopes when it was created. | 30 // to requested scopes when it was created. |
| 30 ErrInsufficientAccess = errors.New("can't get access token for given sco
pes") | 31 ErrInsufficientAccess = errors.New("can't get access token for given sco
pes") |
| (...skipping 218 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 249 return nil, err | 250 return nil, err |
| 250 case isBadKeyError(err): | 251 case isBadKeyError(err): |
| 251 return nil, err | 252 return nil, err |
| 252 case err != nil: | 253 case err != nil: |
| 253 // More often than not errors here are transient (network connec
tivity | 254 // More often than not errors here are transient (network connec
tivity |
| 254 // errors, HTTP 500 responses, etc). It is difficult to categori
ze them, | 255 // errors, HTTP 500 responses, etc). It is difficult to categori
ze them, |
| 255 // since oauth2 library uses fmt.Errorf(...) for errors. Retryin
g a fatal | 256 // since oauth2 library uses fmt.Errorf(...) for errors. Retryin
g a fatal |
| 256 // error a bunch of times is not very bad, so pick safer approac
h and assume | 257 // error a bunch of times is not very bad, so pick safer approac
h and assume |
| 257 // any error is transient. Revoked refresh token or bad credenti
als (most | 258 // any error is transient. Revoked refresh token or bad credenti
als (most |
| 258 // common source of fatal errors) is already handled above. | 259 // common source of fatal errors) is already handled above. |
| 259 » » return nil, errors.WrapTransient(err) | 260 » » return nil, transient.Tag.Apply(err) |
| 260 default: | 261 default: |
| 261 return tok, nil | 262 return tok, nil |
| 262 } | 263 } |
| 263 } | 264 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2951393002:
[errors] de-specialize Transient in favor of Tags. (Closed)
