github.com/hellobchain/third_party@v0.0.0-20230331131523-deb0478a2e52/ldap.v2/error.go (about)

     1  package ldap
     2  
     3  import (
     4  	"fmt"
     5  
     6  	"gopkg.in/asn1-ber.v1"
     7  )
     8  
// LDAP result codes, as carried in the result-code field of an LDAP response
// (getLDAPResultCode reads that field and cites the RFC 4511 section that
// describes it).
//
// The constants are untyped, but this file stores them as uint8 (the key type
// of LDAPResultCodeMap and the type of Error.ResultCode), so every value
// declared here must stay within 0-255.
const (
	LDAPResultSuccess                      = 0
	LDAPResultOperationsError              = 1
	LDAPResultProtocolError                = 2
	LDAPResultTimeLimitExceeded            = 3
	LDAPResultSizeLimitExceeded            = 4
	LDAPResultCompareFalse                 = 5
	LDAPResultCompareTrue                  = 6
	LDAPResultAuthMethodNotSupported       = 7
	LDAPResultStrongAuthRequired           = 8
	LDAPResultReferral                     = 10
	LDAPResultAdminLimitExceeded           = 11
	LDAPResultUnavailableCriticalExtension = 12
	LDAPResultConfidentialityRequired      = 13
	LDAPResultSaslBindInProgress           = 14
	LDAPResultNoSuchAttribute              = 16
	LDAPResultUndefinedAttributeType       = 17
	LDAPResultInappropriateMatching        = 18
	LDAPResultConstraintViolation          = 19
	LDAPResultAttributeOrValueExists       = 20
	LDAPResultInvalidAttributeSyntax       = 21
	LDAPResultNoSuchObject                 = 32
	LDAPResultAliasProblem                 = 33
	LDAPResultInvalidDNSyntax              = 34
	LDAPResultAliasDereferencingProblem    = 36
	LDAPResultInappropriateAuthentication  = 48
	LDAPResultInvalidCredentials           = 49
	LDAPResultInsufficientAccessRights     = 50
	LDAPResultBusy                         = 51
	LDAPResultUnavailable                  = 52
	LDAPResultUnwillingToPerform           = 53
	LDAPResultLoopDetect                   = 54
	LDAPResultNamingViolation              = 64
	LDAPResultObjectClassViolation         = 65
	LDAPResultNotAllowedOnNonLeaf          = 66
	LDAPResultNotAllowedOnRDN              = 67
	LDAPResultEntryAlreadyExists           = 68
	LDAPResultObjectClassModsProhibited    = 69
	LDAPResultAffectsMultipleDSAs          = 71
	LDAPResultOther                        = 80

	// Codes in the 200 range are reported by this client for failures it
	// detects locally: getLDAPResultCode returns ErrorUnexpectedResponse and
	// ErrorNetwork for packets it cannot interpret. None of them has an entry
	// in LDAPResultCodeMap.
	ErrorNetwork            = 200
	ErrorFilterCompile      = 201
	ErrorFilterDecompile    = 202
	ErrorDebugging          = 203
	ErrorUnexpectedMessage  = 204
	ErrorUnexpectedResponse = 205
)
    58  
// LDAPResultCodeMap contains string descriptions for LDAP error codes.
//
// Only the LDAPResult* codes are listed. A lookup for any other value,
// including the client-side Error* codes (200-205), yields the empty string,
// which Error.Error then prints as "". The map is an exported package
// variable, so any importer can modify it.
var LDAPResultCodeMap = map[uint8]string{
	LDAPResultSuccess:                      "Success",
	LDAPResultOperationsError:              "Operations Error",
	LDAPResultProtocolError:                "Protocol Error",
	LDAPResultTimeLimitExceeded:            "Time Limit Exceeded",
	LDAPResultSizeLimitExceeded:            "Size Limit Exceeded",
	LDAPResultCompareFalse:                 "Compare False",
	LDAPResultCompareTrue:                  "Compare True",
	LDAPResultAuthMethodNotSupported:       "Auth Method Not Supported",
	LDAPResultStrongAuthRequired:           "Strong Auth Required",
	LDAPResultReferral:                     "Referral",
	LDAPResultAdminLimitExceeded:           "Admin Limit Exceeded",
	LDAPResultUnavailableCriticalExtension: "Unavailable Critical Extension",
	LDAPResultConfidentialityRequired:      "Confidentiality Required",
	LDAPResultSaslBindInProgress:           "Sasl Bind In Progress",
	LDAPResultNoSuchAttribute:              "No Such Attribute",
	LDAPResultUndefinedAttributeType:       "Undefined Attribute Type",
	LDAPResultInappropriateMatching:        "Inappropriate Matching",
	LDAPResultConstraintViolation:          "Constraint Violation",
	LDAPResultAttributeOrValueExists:       "Attribute Or Value Exists",
	LDAPResultInvalidAttributeSyntax:       "Invalid Attribute Syntax",
	LDAPResultNoSuchObject:                 "No Such Object",
	LDAPResultAliasProblem:                 "Alias Problem",
	LDAPResultInvalidDNSyntax:              "Invalid DN Syntax",
	LDAPResultAliasDereferencingProblem:    "Alias Dereferencing Problem",
	LDAPResultInappropriateAuthentication:  "Inappropriate Authentication",
	LDAPResultInvalidCredentials:           "Invalid Credentials",
	LDAPResultInsufficientAccessRights:     "Insufficient Access Rights",
	LDAPResultBusy:                         "Busy",
	LDAPResultUnavailable:                  "Unavailable",
	LDAPResultUnwillingToPerform:           "Unwilling To Perform",
	LDAPResultLoopDetect:                   "Loop Detect",
	LDAPResultNamingViolation:              "Naming Violation",
	LDAPResultObjectClassViolation:         "Object Class Violation",
	LDAPResultNotAllowedOnNonLeaf:          "Not Allowed On Non Leaf",
	LDAPResultNotAllowedOnRDN:              "Not Allowed On RDN",
	LDAPResultEntryAlreadyExists:           "Entry Already Exists",
	LDAPResultObjectClassModsProhibited:    "Object Class Mods Prohibited",
	LDAPResultAffectsMultipleDSAs:          "Affects Multiple DSAs",
	LDAPResultOther:                        "Other",
}
   101  
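// getLDAPResultCode extracts the result code and diagnostic message from a
// decoded LDAP response packet.
//
// The packet is built from bytes received from the peer, so its shape is not
// trusted. Every structural expectation is checked before use, and a packet
// that does not match is reported with a client-side error code instead of
// panicking:
//
//   - nil packet: ErrorUnexpectedResponse, "Empty packet"
//   - nil response element: ErrorUnexpectedResponse, "Empty response in packet"
//   - result code outside 0-255: ErrorUnexpectedResponse, "Result code out of range"
//   - any other mismatch: ErrorNetwork, "Invalid packet format"
//
// The range check matters because the return type is uint8: converting an
// out-of-range int64 would wrap, and a value such as 256 would be returned as
// 0, which is LDAPResultSuccess.
func getLDAPResultCode(packet *ber.Packet) (code uint8, description string) {
	const (
		invalidFormat = "Invalid packet format"
		maxResultCode = 255 // largest value representable in the uint8 return
	)

	if packet == nil {
		return ErrorUnexpectedResponse, "Empty packet"
	}
	if len(packet.Children) < 2 {
		return ErrorNetwork, invalidFormat
	}

	response := packet.Children[1]
	if response == nil {
		return ErrorUnexpectedResponse, "Empty response in packet"
	}
	if response.ClassType != ber.ClassApplication || response.TagType != ber.TypeConstructed || len(response.Children) < 3 {
		return ErrorNetwork, invalidFormat
	}

	// Children[0] is the result code and Children[2] the diagnosticMessage,
	// see https://tools.ietf.org/html/rfc4511#section-4.1.9. The RFC requires
	// both, but a faulty or hostile peer need not follow it, so their presence
	// and decoded Go types are verified rather than assumed.
	codeField, messageField := response.Children[0], response.Children[2]
	if codeField == nil || messageField == nil {
		return ErrorNetwork, invalidFormat
	}

	rawCode, ok := codeField.Value.(int64)
	if !ok {
		return ErrorNetwork, invalidFormat
	}
	if rawCode < 0 || rawCode > maxResultCode {
		return ErrorUnexpectedResponse, "Result code out of range"
	}

	message, ok := messageField.Value.(string)
	if !ok {
		return ErrorNetwork, invalidFormat
	}

	return uint8(rawCode), message
}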
   118  
// Error holds LDAP error information: a result code together with the
// underlying error that describes it.
type Error struct {
	// Err is the underlying error. NewError stores whatever it is given
	// without checking it, so this field can be nil.
	Err error
	// ResultCode is the LDAP error code. It is either one of the LDAPResult*
	// values or one of the client-side Error* values declared in this file.
	ResultCode uint8
}
   126  
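// Error implements the error interface. The message has the form
//
//	LDAP Result Code <code> "<description>": <underlying error>
//
// where the description is looked up in LDAPResultCodeMap and is empty for
// codes that have no entry there.
//
// NewError accepts a nil underlying error, so a nil Err is handled here by
// omitting the trailing ": <underlying error>" part instead of dereferencing
// it.
//
// NOTE(review): Err presumably carries the diagnostic text returned by the
// server; treat the resulting string as untrusted when writing it to logs -
// confirm against the callers that build Error values.
func (e *Error) Error() string {
	description := LDAPResultCodeMap[e.ResultCode]
	if e.Err == nil {
		return fmt.Sprintf("LDAP Result Code %d %q", e.ResultCode, description)
	}
	return fmt.Sprintf("LDAP Result Code %d %q: %s", e.ResultCode, description, e.Err.Error())
}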
   130  
// NewError wraps err in an *Error tagged with resultCode and returns it as a
// plain error value. Neither argument is validated: err may be nil, and
// resultCode need not be a code listed in LDAPResultCodeMap.
func NewError(resultCode uint8, err error) error {
	ldapErr := new(Error)
	ldapErr.ResultCode = resultCode
	ldapErr.Err = err
	return ldapErr
}
   135  
// IsErrorWithCode reports whether err is an *Error whose ResultCode equals
// desiredResultCode.
//
// Only a direct *Error matches. An *Error wrapped inside another error type is
// not unwrapped and gives false, so callers that branch on codes such as
// LDAPResultInvalidCredentials must pass the error exactly as this package
// returned it.
func IsErrorWithCode(err error, desiredResultCode uint8) bool {
	// A nil error fails the type assertion as well, so it needs no separate
	// check to produce false.
	if ldapErr, ok := err.(*Error); ok {
		return ldapErr.ResultCode == desiredResultCode
	}
	return false
}