diff --git a/google/internal/externalaccount/executablecredsource.go b/google/internal/externalaccount/executablecredsource.go index 2576dfd..90e8117 100644 --- a/google/internal/externalaccount/executablecredsource.go +++ b/google/internal/externalaccount/executablecredsource.go @@ -63,8 +63,8 @@ type executableResponse struct { ExpirationTime *int64 `json:"expiration_time"` IdToken *string `json:"id_token"` SamlResponse *string `json:"saml_response"` - Code *string `json:"code"` - Message *string `json:"message"` + Code string `json:"code"` + Message string `json:"message"` } func parseSubjectToken(response []byte) (string, error) { @@ -82,20 +82,10 @@ func parseSubjectToken(response []byte) (string, error) { } if !*result.Success { - details := "" - if result.Code != nil { - details += fmt.Sprintf("(%v)", *result.Code) + if result.Code == "" || result.Message == "" { + return "", errors.New("oauth2/google: Response must include `error` and `message` fields when unsuccessful.") } - if result.Message != nil { - if details != "" { - details += " " - } - details += *result.Message - } - if details == "" { - details = "Unknown Error" - } - return "", fmt.Errorf("oauth2/google: Executable returned unsuccessful response: %v.", details) + return "", fmt.Errorf("oauth2/google: Executable returned unsuccessful response: (%v) %v.", result.Code, result.Message) } if *result.Version > EXECUTABLE_SUPPORTED_MAX_VERSION { diff --git a/google/internal/externalaccount/executablecredsource_test.go b/google/internal/externalaccount/executablecredsource_test.go index 6f9afde..fec3720 100644 --- a/google/internal/externalaccount/executablecredsource_test.go +++ b/google/internal/externalaccount/executablecredsource_test.go @@ -410,8 +410,8 @@ func TestRetrieveExecutableSubjectTokenUnsuccessfulResponseWithFields(t *testing return json.Marshal(executableResponse{ Success: Bool(false), Version: Int(1), - Code: String("404"), - Message: String("Token Not Found"), + Code: "404", + Message: "Token Not Found", }) } @@ -459,7 +459,7 @@ func TestRetrieveExecutableSubjectTokenUnsuccessfulResponseWithCode(t *testing.T return json.Marshal(executableResponse{ Success: Bool(false), Version: Int(1), - Code: String("404"), + Code: "404", }) } @@ -472,7 +472,7 @@ func TestRetrieveExecutableSubjectTokenUnsuccessfulResponseWithCode(t *testing.T if err == nil { t.Fatalf("Expected error but found none") } - if got, want := err.Error(), "oauth2/google: Executable returned unsuccessful response: (404)."; got != want { + if got, want := err.Error(), "oauth2/google: Response must include `error` and `message` fields when unsuccessful."; got != want { t.Errorf("Incorrect error received.\nExpected: %s\nRecieved: %s", want, got) } @@ -507,7 +507,7 @@ func TestRetrieveExecutableSubjectTokenUnsuccessfulResponseWithMessage(t *testin return json.Marshal(executableResponse{ Success: Bool(false), Version: Int(1), - Message: String("Token Not Found"), + Message: "Token Not Found", }) } @@ -520,7 +520,7 @@ func TestRetrieveExecutableSubjectTokenUnsuccessfulResponseWithMessage(t *testin if err == nil { t.Fatalf("Expected error but found none") } - if got, want := err.Error(), "oauth2/google: Executable returned unsuccessful response: Token Not Found."; got != want { + if got, want := err.Error(), "oauth2/google: Response must include `error` and `message` fields when unsuccessful."; got != want { t.Errorf("Incorrect error received.\nExpected: %s\nRecieved: %s", want, got) } @@ -567,7 +567,7 @@ func TestRetrieveExecutableSubjectTokenUnsuccessfulResponseWithoutFields(t *test if err == nil { t.Fatalf("Expected error but found none") } - if got, want := err.Error(), "oauth2/google: Executable returned unsuccessful response: Unknown Error."; got != want { + if got, want := err.Error(), "oauth2/google: Response must include `error` and `message` fields when unsuccessful."; got != want { t.Errorf("Incorrect error received.\nExpected: %s\nRecieved: %s", want, got) }