diff --git a/cmd/admin-handlers-users.go b/cmd/admin-handlers-users.go index 8488a95ba..e7c6d4c25 100644 --- a/cmd/admin-handlers-users.go +++ b/cmd/admin-handlers-users.go @@ -2308,7 +2308,7 @@ func (a adminAPIHandlers) ImportIAM(w http.ResponseWriter, r *http.Request) { // clean import. err := globalIAMSys.DeleteServiceAccount(ctx, svcAcctReq.AccessKey, true) if err != nil { - delErr := fmt.Errorf("failed to delete existing service account(%s) before importing it: %w", svcAcctReq.AccessKey, err) + delErr := fmt.Errorf("failed to delete existing service account (%s) before importing it: %w", svcAcctReq.AccessKey, err) writeErrorResponseJSON(ctx, w, importError(ctx, delErr, allSvcAcctsFile, user), r.URL) return } diff --git a/cmd/iam-object-store.go b/cmd/iam-object-store.go index 6a1bf567c..c874b728a 100644 --- a/cmd/iam-object-store.go +++ b/cmd/iam-object-store.go @@ -495,7 +495,7 @@ func (iamOS *IAMObjectStore) loadAllFromObjStore(ctx context.Context, cache *iam for _, item := range regUsersList { userName := path.Dir(item) if err := iamOS.loadUser(ctx, userName, regUser, cache.iamUsersMap); err != nil && err != errNoSuchUser { - return fmt.Errorf("unable to load the user `%s`: %w", userName, err) + return fmt.Errorf("unable to load the user: %w", err) } } if took := time.Since(regUsersLoadStartTime); took > maxIAMLoadOpTime { @@ -510,7 +510,7 @@ func (iamOS *IAMObjectStore) loadAllFromObjStore(ctx context.Context, cache *iam for _, item := range groupsList { group := path.Dir(item) if err := iamOS.loadGroup(ctx, group, cache.iamGroupsMap); err != nil && err != errNoSuchGroup { - return fmt.Errorf("unable to load the group `%s`: %w", group, err) + return fmt.Errorf("unable to load the group: %w", err) } } if took := time.Since(groupsLoadStartTime); took > maxIAMLoadOpTime { @@ -524,7 +524,7 @@ func (iamOS *IAMObjectStore) loadAllFromObjStore(ctx context.Context, cache *iam for _, item := range userPolicyMappingsList { userName := strings.TrimSuffix(item, ".json") if err := iamOS.loadMappedPolicy(ctx, userName, regUser, false, cache.iamUserPolicyMap); err != nil && !errors.Is(err, errNoSuchPolicy) { - return fmt.Errorf("unable to load the policy mapping for the user `%s`: %w", userName, err) + return fmt.Errorf("unable to load the policy mapping for the user: %w", err) } } if took := time.Since(userPolicyMappingLoadStartTime); took > maxIAMLoadOpTime { @@ -537,7 +537,7 @@ func (iamOS *IAMObjectStore) loadAllFromObjStore(ctx context.Context, cache *iam for _, item := range groupPolicyMappingsList { groupName := strings.TrimSuffix(item, ".json") if err := iamOS.loadMappedPolicy(ctx, groupName, regUser, true, cache.iamGroupPolicyMap); err != nil && !errors.Is(err, errNoSuchPolicy) { - return fmt.Errorf("unable to load the policy mapping for the group `%s`: %w", groupName, err) + return fmt.Errorf("unable to load the policy mapping for the group: %w", err) } } if took := time.Since(groupPolicyMappingLoadStartTime); took > maxIAMLoadOpTime { @@ -551,7 +551,7 @@ func (iamOS *IAMObjectStore) loadAllFromObjStore(ctx context.Context, cache *iam for _, item := range svcAccList { userName := path.Dir(item) if err := iamOS.loadUser(ctx, userName, svcUser, svcUsersMap); err != nil && err != errNoSuchUser { - return fmt.Errorf("unable to load the service account `%s`: %w", userName, err) + return fmt.Errorf("unable to load the service account: %w", err) } } if took := time.Since(svcAccLoadStartTime); took > maxIAMLoadOpTime { @@ -580,7 +580,7 @@ func (iamOS *IAMObjectStore) loadAllFromObjStore(ctx context.Context, cache *iam // OIDC/AssumeRoleWithCustomToken/AssumeRoleWithCertificate). err := iamOS.loadMappedPolicy(ctx, svcParent, stsUser, false, cache.iamSTSPolicyMap) if err != nil && !errors.Is(err, errNoSuchPolicy) { - return fmt.Errorf("unable to load the policy mapping for the STS user `%s`: %w", svcParent, err) + return fmt.Errorf("unable to load the policy mapping for the STS user: %w", err) } } } diff --git a/cmd/iam.go b/cmd/iam.go index c6ba2f3a5..56a2bf080 100644 --- a/cmd/iam.go +++ b/cmd/iam.go @@ -1574,11 +1574,11 @@ func (sys *IAMSys) NormalizeLDAPAccessKeypairs(ctx context.Context, accessKeyMap // server and is under a configured base DN. validatedParent, isUnderBaseDN, err := sys.LDAPConfig.GetValidatedUserDN(conn, parent) if err != nil { - collectedErrors = append(collectedErrors, fmt.Errorf("could not validate `%s` exists in LDAP directory: %w", parent, err)) + collectedErrors = append(collectedErrors, fmt.Errorf("could not validate parent exists in LDAP directory: %w", err)) continue } if validatedParent == nil || !isUnderBaseDN { - err := fmt.Errorf("DN `%s` was not found in the LDAP directory", parent) + err := fmt.Errorf("DN parent was not found in the LDAP directory") collectedErrors = append(collectedErrors, err) continue } @@ -1593,11 +1593,11 @@ func (sys *IAMSys) NormalizeLDAPAccessKeypairs(ctx context.Context, accessKeyMap // configured base DN. validatedGroup, _, err := sys.LDAPConfig.GetValidatedGroupDN(conn, group) if err != nil { - collectedErrors = append(collectedErrors, fmt.Errorf("could not validate `%s` exists in LDAP directory: %w", group, err)) + collectedErrors = append(collectedErrors, fmt.Errorf("could not validate group exists in LDAP directory: %w", err)) continue } if validatedGroup == nil { - err := fmt.Errorf("DN `%s` was not found in the LDAP directory", group) + err := fmt.Errorf("DN group was not found in the LDAP directory") collectedErrors = append(collectedErrors, err) continue } @@ -1687,7 +1687,7 @@ func (sys *IAMSys) NormalizeLDAPMappingImport(ctx context.Context, isGroup bool, continue } if validatedDN == nil || !underBaseDN { - err := fmt.Errorf("DN `%s` was not found in the LDAP directory", k) + err := fmt.Errorf("DN was not found in the LDAP directory") collectedErrors = append(collectedErrors, err) continue } diff --git a/cmd/site-replication.go b/cmd/site-replication.go index 672f2a31e..d61fd21b5 100644 --- a/cmd/site-replication.go +++ b/cmd/site-replication.go @@ -5390,7 +5390,7 @@ func (c *SiteReplicationSys) healUserPolicies(ctx context.Context, objAPI Object UpdatedAt: lastUpdate, }) if err != nil { - replLogOnceIf(ctx, fmt.Errorf("Unable to heal IAM user policy mapping for %s from peer site %s -> site %s : %w", user, latestPeerName, peerName, err), + replLogOnceIf(ctx, fmt.Errorf("Unable to heal IAM user policy mapping from peer site %s -> site %s : %w", latestPeerName, peerName, err), fmt.Sprintf("heal-user-policy-%s", user)) } } @@ -5455,7 +5455,7 @@ func (c *SiteReplicationSys) healGroupPolicies(ctx context.Context, objAPI Objec }) if err != nil { replLogOnceIf(ctx, - fmt.Errorf("Unable to heal IAM group policy mapping for %s from peer site %s -> site %s : %w", group, latestPeerName, peerName, err), + fmt.Errorf("Unable to heal IAM group policy mapping for from peer site %s -> site %s : %w", latestPeerName, peerName, err), fmt.Sprintf("heal-group-policy-%s", group)) } } @@ -5518,7 +5518,7 @@ func (c *SiteReplicationSys) healUsers(ctx context.Context, objAPI ObjectLayer, claims, err := globalIAMSys.GetClaimsForSvcAcc(ctx, creds.AccessKey) if err != nil { replLogOnceIf(ctx, - fmt.Errorf("Unable to heal service account %s from peer site %s -> %s : %w", user, latestPeerName, peerName, err), + fmt.Errorf("Unable to heal service account from peer site %s -> %s : %w", latestPeerName, peerName, err), fmt.Sprintf("heal-user-%s", user)) continue } @@ -5526,7 +5526,7 @@ func (c *SiteReplicationSys) healUsers(ctx context.Context, objAPI ObjectLayer, _, policy, err := globalIAMSys.GetServiceAccount(ctx, creds.AccessKey) if err != nil { replLogOnceIf(ctx, - fmt.Errorf("Unable to heal service account %s from peer site %s -> %s : %w", user, latestPeerName, peerName, err), + fmt.Errorf("Unable to heal service account from peer site %s -> %s : %w", latestPeerName, peerName, err), fmt.Sprintf("heal-user-%s", user)) continue } @@ -5536,7 +5536,7 @@ func (c *SiteReplicationSys) healUsers(ctx context.Context, objAPI ObjectLayer, policyJSON, err = json.Marshal(policy) if err != nil { replLogOnceIf(ctx, - fmt.Errorf("Unable to heal service account %s from peer site %s -> %s : %w", user, latestPeerName, peerName, err), + fmt.Errorf("Unable to heal service account from peer site %s -> %s : %w", latestPeerName, peerName, err), fmt.Sprintf("heal-user-%s", user)) continue } @@ -5561,7 +5561,7 @@ func (c *SiteReplicationSys) healUsers(ctx context.Context, objAPI ObjectLayer, UpdatedAt: lastUpdate, }); err != nil { replLogOnceIf(ctx, - fmt.Errorf("Unable to heal service account %s from peer site %s -> %s : %w", user, latestPeerName, peerName, err), + fmt.Errorf("Unable to heal service account from peer site %s -> %s : %w", latestPeerName, peerName, err), fmt.Sprintf("heal-user-%s", user)) } continue @@ -5576,7 +5576,7 @@ func (c *SiteReplicationSys) healUsers(ctx context.Context, objAPI ObjectLayer, // be applied. if !errors.Is(err, errNoSuchUser) { replLogOnceIf(ctx, - fmt.Errorf("Unable to heal temporary credentials %s from peer site %s -> %s : %w", user, latestPeerName, peerName, err), + fmt.Errorf("Unable to heal temporary credentials from peer site %s -> %s : %w", latestPeerName, peerName, err), fmt.Sprintf("heal-user-%s", user)) continue } @@ -5596,7 +5596,7 @@ func (c *SiteReplicationSys) healUsers(ctx context.Context, objAPI ObjectLayer, UpdatedAt: lastUpdate, }); err != nil { replLogOnceIf(ctx, - fmt.Errorf("Unable to heal temporary credentials %s from peer site %s -> %s : %w", user, latestPeerName, peerName, err), + fmt.Errorf("Unable to heal temporary credentials from peer site %s -> %s : %w", latestPeerName, peerName, err), fmt.Sprintf("heal-user-%s", user)) } continue @@ -5614,7 +5614,7 @@ func (c *SiteReplicationSys) healUsers(ctx context.Context, objAPI ObjectLayer, UpdatedAt: lastUpdate, }); err != nil { replLogOnceIf(ctx, - fmt.Errorf("Unable to heal user %s from peer site %s -> %s : %w", user, latestPeerName, peerName, err), + fmt.Errorf("Unable to heal user from peer site %s -> %s : %w", latestPeerName, peerName, err), fmt.Sprintf("heal-user-%s", user)) } } @@ -5680,7 +5680,7 @@ func (c *SiteReplicationSys) healGroups(ctx context.Context, objAPI ObjectLayer, UpdatedAt: lastUpdate, }); err != nil { replLogOnceIf(ctx, - fmt.Errorf("Unable to heal group %s from peer site %s -> site %s : %w", group, latestPeerName, peerName, err), + fmt.Errorf("Unable to heal group from peer site %s -> site %s : %w", latestPeerName, peerName, err), fmt.Sprintf("heal-group-%s", group)) } } diff --git a/internal/config/identity/openid/provider/keycloak.go b/internal/config/identity/openid/provider/keycloak.go index 11f54ef52..3e9648d6c 100644 --- a/internal/config/identity/openid/provider/keycloak.go +++ b/internal/config/identity/openid/provider/keycloak.go @@ -117,7 +117,7 @@ func (k *KeycloakProvider) LookupUser(userid string) (User, error) { case http.StatusUnauthorized: return User{}, ErrAccessTokenExpired } - return User{}, fmt.Errorf("Unable to lookup %s - keycloak user lookup returned %v", userid, resp.Status) + return User{}, fmt.Errorf("Unable to lookup - keycloak user lookup returned %v", resp.Status) } // Option is a function type that accepts a pointer Target