1 files changed, 21 insertions, 11 deletions
diff --git a/api.go b/api.go
index 1007914..9f3ef7b 100644
--- a/api.go
+++ b/api.go
@@ -2,9 +2,9 @@ package main
 
 import (
 	//"context"
-	//"errors"
+	"errors"
 	"fmt"
-	//garage "git.deuxfleurs.fr/garage-sdk/garage-admin-sdk-golang"
+	garage "git.deuxfleurs.fr/garage-sdk/garage-admin-sdk-golang"
 	"github.com/go-ldap/ldap/v3"
 	//"github.com/gorilla/mux"
 	"log"
@@ -12,12 +12,12 @@ import (
 	"strings"
 )
 
-func checkLoginAPI(w http.ResponseWriter, r *http.Request) *LoginStatus {
+func checkLoginAPI(w http.ResponseWriter, r *http.Request) (*LoginStatus, error) {
 	username, password, ok := r.BasicAuth()
 	if !ok {
 		w.Header().Set("WWW-Authenticate", `Basic realm="restricted", charset="UTF-8"`)
 		http.Error(w, "Unauthorized", http.StatusUnauthorized)
-		return nil
+		return nil, errors.New("Missing or invalid 'Authenticate: Basic' field")
 	}
 	user_dn := buildUserDN(username)
 
@@ -31,14 +31,14 @@ func checkLoginAPI(w http.ResponseWriter, r *http.Request) *LoginStatus {
 	if l == nil {
 		log.Println(l)
 		http.Error(w, "Internal server error", http.StatusInternalServerError)
-		return nil
+		return nil, errors.New("Unable to open LDAP connection")
 	}
 
 	err := l.Bind(login_info.DN, login_info.Password)
 	if err != nil {
 		w.Header().Set("WWW-Authenticate", `Basic realm="restricted", charset="UTF-8"`)
 		http.Error(w, "Unauthorized", http.StatusUnauthorized)
-		return nil
+		return nil, errors.New("Unable to bind this user+password combination on the LDAP server")
 	}
 
 	loginStatus := &LoginStatus{
@@ -73,13 +73,13 @@ func checkLoginAPI(w http.ResponseWriter, r *http.Request) *LoginStatus {
 	if err != nil {
 		log.Println(err)
 		http.Error(w, "Internal server error", http.StatusInternalServerError)
-		return nil
+		return nil, errors.New("Unable to search essential information about the logged user on LDAP")
 	}
 
 	if len(sr.Entries) != 1 {
 		log.Println(fmt.Sprintf("Unable to find entry for %s", login_info.DN))
 		http.Error(w, "Internal server error", http.StatusInternalServerError)
-		return nil
+		return nil, errors.New("Not enough or too many entries for this user in the LDAP directory (expect a unique result)")
 	}
 
 	loginStatus.UserEntry = sr.Entries[0]
@@ -99,16 +99,26 @@ func checkLoginAPI(w http.ResponseWriter, r *http.Request) *LoginStatus {
 		}
 	}
 
-	return loginStatus
+	return loginStatus, nil
+}
+
+func checkLoginAndS3API(w http.ResponseWriter, r *http.Request) (*LoginStatus, *garage.KeyInfo, error) {
+	login, err := checkLoginAPI(w, r)
+	if err != nil {
+		return nil, nil, err
+	}
+	keyPair, err := checkS3(login)
+	return login, keyPair, err
 }
 
 func handleAPIGarageBucket(w http.ResponseWriter, r *http.Request) {
-	login, s3key, err := checkLoginAndS3(w, r)
+	login, s3key, err := checkLoginAndS3API(w, r)
 	if err != nil {
 		log.Println(err)
 		return
 	}
-	log.Println(login,s3key)
+
+	log.Println(login, s3key)
 
 	return
 }