failing token invites fail with 401; display a hint about --token in the cli error message (#172)

cmd/zrok/invite.go

@@ -83,6 +83,7 @@ func (cmd *inviteCommand) run(_ *cobra.Command, _ []string) {
 func (cmd *inviteCommand) endpointError(apiEndpoint, _ string) {
 	fmt.Printf("%v\n\n", tui.SeriousBusiness.Render("there was a problem creating an invitation!"))
 	fmt.Printf("you are trying to use the zrok service at: %v\n\n", tui.Code.Render(apiEndpoint))
+	fmt.Printf("%v\n\n", tui.Attention.Render("should you be using a --token? check with your instance administrator!"))
 	fmt.Printf("you can change your zrok service endpoint using this command:\n\n")
 	fmt.Printf("%v\n\n", tui.Code.Render("$ zrok config set apiEndpoint <newEndpoint>"))
 	fmt.Printf("(where newEndpoint is something like: %v)\n\n", tui.Code.Render("https://some.zrok.io"))

controller/invite.go

@@ -41,7 +41,7 @@ func (self *inviteHandler) Handle(params account.InviteParams) middleware.Respon
 		inviteToken, err := str.GetInviteTokenByToken(params.Body.Token, tx)
 		if err != nil {
 			logrus.Errorf("cannot get invite token '%v' for '%v': %v", params.Body.Token, params.Body.Email, err)
-			return account.NewInviteBadRequest()
+			return account.NewInviteUnauthorized()
 		}
 		if err := str.DeleteInviteToken(inviteToken.Id, tx); err != nil {
 			logrus.Error(err)

rest_client_zrok/account/invite_responses.go

@@ -32,6 +32,12 @@ func (o *InviteReader) ReadResponse(response runtime.ClientResponse, consumer ru
 			return nil, err
 		}
 		return nil, result
+	case 401:
+		result := NewInviteUnauthorized()
+		if err := result.readResponse(response, consumer, o.formats); err != nil {
+			return nil, err
+		}
+		return nil, result
 	case 500:
 		result := NewInviteInternalServerError()
 		if err := result.readResponse(response, consumer, o.formats); err != nil {
@@ -145,6 +151,57 @@ func (o *InviteBadRequest) readResponse(response runtime.ClientResponse, consume
 	return nil
 }
 
+// NewInviteUnauthorized creates a InviteUnauthorized with default headers values
+func NewInviteUnauthorized() *InviteUnauthorized {
+	return &InviteUnauthorized{}
+}
+
+/*
+InviteUnauthorized describes a response with status code 401, with default header values.
+
+unauthorized
+*/
+type InviteUnauthorized struct {
+}
+
+// IsSuccess returns true when this invite unauthorized response has a 2xx status code
+func (o *InviteUnauthorized) IsSuccess() bool {
+	return false
+}
+
+// IsRedirect returns true when this invite unauthorized response has a 3xx status code
+func (o *InviteUnauthorized) IsRedirect() bool {
+	return false
+}
+
+// IsClientError returns true when this invite unauthorized response has a 4xx status code
+func (o *InviteUnauthorized) IsClientError() bool {
+	return true
+}
+
+// IsServerError returns true when this invite unauthorized response has a 5xx status code
+func (o *InviteUnauthorized) IsServerError() bool {
+	return false
+}
+
+// IsCode returns true when this invite unauthorized response a status code equal to that given
+func (o *InviteUnauthorized) IsCode(code int) bool {
+	return code == 401
+}
+
+func (o *InviteUnauthorized) Error() string {
+	return fmt.Sprintf("[POST /invite][%d] inviteUnauthorized ", 401)
+}
+
+func (o *InviteUnauthorized) String() string {
+	return fmt.Sprintf("[POST /invite][%d] inviteUnauthorized ", 401)
+}
+
+func (o *InviteUnauthorized) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error {
+
+	return nil
+}
+
 // NewInviteInternalServerError creates a InviteInternalServerError with default headers values
 func NewInviteInternalServerError() *InviteInternalServerError {
 	return &InviteInternalServerError{}

rest_server_zrok/embedded_spec.go

@@ -425,6 +425,9 @@ func init() {
           "400": {
             "description": "invitation not created (already exists)"
           },
+          "401": {
+            "description": "unauthorized"
+          },
           "500": {
             "description": "internal server error"
           }
@@ -1596,6 +1599,9 @@ func init() {
           "400": {
             "description": "invitation not created (already exists)"
           },
+          "401": {
+            "description": "unauthorized"
+          },
           "500": {
             "description": "internal server error"
           }

rest_server_zrok/operations/account/invite_responses.go

@@ -61,6 +61,31 @@ func (o *InviteBadRequest) WriteResponse(rw http.ResponseWriter, producer runtim
 	rw.WriteHeader(400)
 }
 
+// InviteUnauthorizedCode is the HTTP code returned for type InviteUnauthorized
+const InviteUnauthorizedCode int = 401
+
+/*
+InviteUnauthorized unauthorized
+
+swagger:response inviteUnauthorized
+*/
+type InviteUnauthorized struct {
+}
+
+// NewInviteUnauthorized creates InviteUnauthorized with default headers values
+func NewInviteUnauthorized() *InviteUnauthorized {
+
+	return &InviteUnauthorized{}
+}
+
+// WriteResponse to the client
+func (o *InviteUnauthorized) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
+
+	rw.Header().Del(runtime.HeaderContentType) //Remove Content-Type on empty responses
+
+	rw.WriteHeader(401)
+}
+
 // InviteInternalServerErrorCode is the HTTP code returned for type InviteInternalServerError
 const InviteInternalServerErrorCode int = 500
 

specs/zrok.yml

@@ -30,6 +30,8 @@ paths:
           description: invitation created
         400:
           description: invitation not created (already exists)
+        401:
+          description: unauthorized
         500:
           description: internal server error