refactoring error handling in sasl auth

foxcpp · Nov 22, 2020 · 53ed899 · 53ed899
1 parent 5d46949
commit 53ed899
Showing 1 changed file with 5 additions and 8 deletions.
diff --git a/internal/auth/sasl.go b/internal/auth/sasl.go
@@ -32,6 +32,7 @@ import (
 
 var (
 	ErrUnsupportedMech = errors.New("Unsupported SASL mechanism")
+	ErrInvalidAuthCred = errors.New("auth: invalid credentials")
 )
 
 // SASLAuth is a wrapper that initializes sasl.Server using authenticators that
@@ -63,14 +64,10 @@ func (s *SASLAuth) AuthPlain(username, password string) error {
 
 	var lastErr error
 	for _, p := range s.Plain {
-		err := p.AuthPlain(username, password)
-		if err == nil {
+		lastErr = p.AuthPlain(username, password)
+		if lastErr == nil {
 			return nil
 		}
-		if err != nil {
-			lastErr = err
-			continue
-		}
 	}
 
 	return fmt.Errorf("no auth. provider accepted creds, last err: %w", lastErr)
@@ -88,7 +85,7 @@ func (s *SASLAuth) CreateSASL(mech string, remoteAddr net.Addr, successCb func(i
 			err := s.AuthPlain(username, password)
 			if err != nil {
 				s.Log.Error("authentication failed", err, "username", username, "src_ip", remoteAddr)
-				return errors.New("auth: invalid credentials")
+				return ErrInvalidAuthCred
 			}
 
 			return successCb(identity)
@@ -98,7 +95,7 @@ func (s *SASLAuth) CreateSASL(mech string, remoteAddr net.Addr, successCb func(i
 			err := s.AuthPlain(username, password)
 			if err != nil {
 				s.Log.Error("authentication failed", err, "username", username, "src_ip", remoteAddr)
-				return errors.New("auth: invalid credentials")
+				return ErrInvalidAuthCred
 			}
 
 			return successCb(username)