[feature] More consistent API error handling (#637)

* update templates

* start reworking api error handling

* update template

* return AP status at web endpoint if negotiated

* start making api error handling much more consistent

* update account endpoints to new error handling

* use new api error handling in admin endpoints

* go fmt ./...

* use api error logic in app

* use generic error handling in auth

* don't export generic error handler

* don't defer clearing session

* user nicer error handling on oidc callback handler

* tidy up the sign in handler

* tidy up the token handler

* use nicer error handling in blocksget

* auth emojis endpoint

* fix up remaining api endpoints

* fix whoopsie during login flow

* regenerate swagger docs

* change http error logging to debug

internal/processing/streaming/authorize.go

@@ -22,29 +22,40 @@ import (
 	"context"
 	"fmt"
 
+	"github.com/superseriousbusiness/gotosocial/internal/db"
+	"github.com/superseriousbusiness/gotosocial/internal/gtserror"
 	"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
 )
 
-func (p *processor) AuthorizeStreamingRequest(ctx context.Context, accessToken string) (*gtsmodel.Account, error) {
+func (p *processor) AuthorizeStreamingRequest(ctx context.Context, accessToken string) (*gtsmodel.Account, gtserror.WithCode) {
 	ti, err := p.oauthServer.LoadAccessToken(ctx, accessToken)
 	if err != nil {
-		return nil, fmt.Errorf("AuthorizeStreamingRequest: error loading access token: %s", err)
+		err := fmt.Errorf("could not load access token: %s", err)
+		return nil, gtserror.NewErrorUnauthorized(err)
 	}
 
 	uid := ti.GetUserID()
 	if uid == "" {
-		return nil, fmt.Errorf("AuthorizeStreamingRequest: no userid in token")
+		err := fmt.Errorf("no userid in token")
+		return nil, gtserror.NewErrorUnauthorized(err)
 	}
 
-	// fetch user's and account for this user id
 	user := &gtsmodel.User{}
-	if err := p.db.GetByID(ctx, uid, user); err != nil || user == nil {
-		return nil, fmt.Errorf("AuthorizeStreamingRequest: no user found for validated uid %s", uid)
+	if err := p.db.GetByID(ctx, uid, user); err != nil {
+		if err == db.ErrNoEntries {
+			err := fmt.Errorf("no user found for validated uid %s", uid)
+			return nil, gtserror.NewErrorUnauthorized(err)
+		}
+		return nil, gtserror.NewErrorInternalError(err)
 	}
 
 	acct, err := p.db.GetAccountByID(ctx, user.AccountID)
-	if err != nil || acct == nil {
-		return nil, fmt.Errorf("AuthorizeStreamingRequest: no account retrieved for user with id %s", uid)
+	if err != nil {
+		if err == db.ErrNoEntries {
+			err := fmt.Errorf("no account found for validated uid %s", uid)
+			return nil, gtserror.NewErrorUnauthorized(err)
+		}
+		return nil, gtserror.NewErrorInternalError(err)
 	}
 
 	return acct, nil

internal/processing/streaming/authorize_test.go

@@ -39,7 +39,7 @@ func (suite *AuthorizeTestSuite) TestAuthorize() {
 	suite.Equal(suite.testAccounts["local_account_2"].ID, account2.ID)
 
 	noAccount, err := suite.streamingProcessor.AuthorizeStreamingRequest(context.Background(), "aaaaaaaaaaaaaaaaaaaaa!!")
-	suite.EqualError(err, "AuthorizeStreamingRequest: error loading access token: no entries")
+	suite.EqualError(err, "could not load access token: no entries")
 	suite.Nil(noAccount)
 }
 

internal/processing/streaming/streaming.go

@@ -33,7 +33,7 @@ import (
 // Processor wraps a bunch of functions for processing streaming.
 type Processor interface {
 	// AuthorizeStreamingRequest returns an oauth2 token info in response to an access token query from the streaming API
-	AuthorizeStreamingRequest(ctx context.Context, accessToken string) (*gtsmodel.Account, error)
+	AuthorizeStreamingRequest(ctx context.Context, accessToken string) (*gtsmodel.Account, gtserror.WithCode)
 	// OpenStreamForAccount returns a new Stream for the given account, which will contain a channel for passing messages back to the caller.
 	OpenStreamForAccount(ctx context.Context, account *gtsmodel.Account, timeline string) (*stream.Stream, gtserror.WithCode)
 	// StreamUpdateToAccount streams the given update to any open, appropriate streams belonging to the given account.