fix: add network specific error message to avoid confusion (#2367)

Closes #2338
ory · Mar 1, 2021 · 56d71e6 · 56d71e6
1 parent f006556
commit 56d71e6
Show file tree

Hide file tree

Showing 2 changed files with 50 additions and 0 deletions.
diff --git a/driver/registry_base.go b/driver/registry_base.go
@@ -2,6 +2,8 @@ package driver
 
 import (
 	"context"
+	"errors"
+	"net"
 	"net/http"
 	"strings"
 	"time"
@@ -316,6 +318,12 @@ func (m *RegistryBase) ScopeStrategy() fosite.ScopeStrategy {
 
 func (m *RegistryBase) newKeyStrategy(key string) (s jwk.JWTStrategy) {
 	if err := jwk.EnsureAsymmetricKeypairExists(context.Background(), m.r, new(jwk.RS256Generator), key); err != nil {
+		var netError net.Error
+		if errors.As(err, &netError) {
+			m.Logger().WithError(err).Fatalf(`Could not ensure that signing keys for "%s" exists. A network error occurred, see error for specific details.`, key)
+			return
+		}
+
 		m.Logger().WithError(err).Fatalf(`Could not ensure that signing keys for "%s" exists. If you are running against a persistent SQL database this is most likely because your "secrets.system" ("SECRETS_SYSTEM" environment variable) is not set or changed. When running with an SQL database backend you need to make sure that the secret is set and stays the same, unless when doing key rotation. This may also happen when you forget to run "hydra migrate sql"..`, key)
 	}
 

diff --git a/driver/registry_base_test.go b/driver/registry_base_test.go
@@ -0,0 +1,42 @@
+package driver
+
+import (
+	"io/ioutil"
+	"testing"
+
+	"github.com/ory/hydra/driver/config"
+	"github.com/ory/x/configx"
+	"github.com/ory/x/logrusx"
+	"github.com/sirupsen/logrus"
+	"github.com/sirupsen/logrus/hooks/test"
+	"github.com/stretchr/testify/assert"
+)
+
+func TestRegistryBase_newKeyStrategy_handlesNetworkError(t *testing.T) {
+	// Test ensures any network specific error is logged with a
+	// specific message when attempting to create a new key strategy: issue #2338
+
+	hook := test.Hook{} // Test hook for asserting log messages
+
+	l := logrusx.New("", "", logrusx.WithHook(&hook))
+	l.Logrus().SetOutput(ioutil.Discard)
+	l.Logrus().ExitFunc = func(int) {} // Override the exit func to avoid call to os.Exit
+
+	// Create a config and set a valid but unresolvable DSN
+	c := config.MustNew(l, configx.WithConfigFiles("../internal/.hydra.yaml"))
+	c.MustSet(config.KeyDSN, "postgres://user:password@127.0.0.1:9999/postgres")
+
+	registry, err := NewRegistryFromDSN(c, l)
+	if err != nil {
+		t.Error("failed to create registry: ", err)
+		return
+	}
+
+	registryBase := RegistryBase{r: registry, l: l}
+
+	strategy := registryBase.newKeyStrategy("key")
+
+	assert.Equal(t, nil, strategy)
+	assert.Equal(t, logrus.FatalLevel, hook.LastEntry().Level)
+	assert.Contains(t, hook.LastEntry().Message, "A network error occurred, see error for specific details.")
+}