Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Show friendly message when API key is expired #792

Merged
merged 3 commits into from
Dec 3, 2021
Merged

Show friendly message when API key is expired #792

merged 3 commits into from
Dec 3, 2021

Conversation

bernerd-stripe
Copy link
Contributor

Reviewers

r? @stripe/developer-products
cc @remi-stripe

Summary

The restricted API keys created by the CLI expire after 90 days, but any restricted API key can also be forcibly expired by rolling. Previously, when invoking the CLI with an expired key we would render the entire error response body (and also returned a successful exit code):

$ stripe accounts retrieve
{
  "error": {
    "code": "api_key_expired",
    "doc_url": "https://stripe.com/docs/error-codes/api-key-expired",
    "message": "Expired API Key provided: rk_test_*********************************************************************************************aaaaaa",
    "type": "invalid_request_error"
  }
}
$ echo $?
0

This updates the CLI to handle the api_key_expired error and show a tailored error message:

$ stripe accounts retrieve
The API key provided has expired. Obtain a new key from the Dashboard or run `stripe login` and try again.
$ echo $?
1

bernerd-stripe
bernerd-stripe commented Dec 2, 2021
View reviewed changes
pkg/requests/base.go
@@ -192,7 +206,7 @@ func (rb *Base) MakeRequest(ctx context.Context, apiKey, path string, params *Re

body, err := ioutil.ReadAll(resp.Body)

if errOnStatus && resp.StatusCode >= 300 {
if resp.StatusCode == 401 || (errOnStatus && resp.StatusCode >= 300) {
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This does make unauthorized responses return an error even if errOnStatus is false, as it is for all resource commands in the CLI today. I think this is appropriate general behavior, since 401s are not otherwise recoverable?

@bernerd-stripe bernerd-stripe changed the title Bernerd friendly expired key Show friendly message when API key is expired Dec 2, 2021
pepin-stripe
pepin-stripe approved these changes Dec 2, 2021
View reviewed changes
Copy link
Contributor

@pepin-stripe pepin-stripe left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks, that looks great!

The one question I have (non blocking) is, are there other places where we might face an expired api error (stripe listen, etc) where we could leverage that?

@bernerd-stripe
Copy link
Contributor Author

The one question I have (non blocking) is, are there other places where we might face an expired api error (stripe listen, etc) where we could leverage that?

It looks like yes, but would require some more thought because stripe listen uses the CLI's client package directly, so it doesn't share any error processing logic with the requests package.

@bernerd-stripe bernerd-stripe merged commit 720733d into master Dec 3, 2021
@bernerd-stripe bernerd-stripe deleted the bernerd-friendly-expired-key branch December 3, 2021 18:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pepin-stripe pepin-stripe pepin-stripe approved these changes

Assignees

@tomer-stripe tomer-stripe

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@bernerd-stripe @pepin-stripe @tomer-stripe