private function KeyEntityFormEnhancer::createSuggestion in Apigee Edge 8
Creates a suggestion text to be displayed in the connection failed message.
Parameters
\Exception $exception: The thrown exception during form validation.
\Drupal\key\KeyInterface $key: The used key during form validation.
Return value
\Drupal\Component\Render\MarkupInterface The suggestion text to be displayed.
1 call to KeyEntityFormEnhancer::createSuggestion()
- KeyEntityFormEnhancer::validateForm in src/
KeyEntityFormEnhancer.php - Additional validation handler for Apigee Edge authentication key forms.
File
- src/
KeyEntityFormEnhancer.php, line 463
Class
- KeyEntityFormEnhancer
- Enhances Apigee Edge related Key entity add/edit forms.
Namespace
Drupal\apigee_edgeCode
private function createSuggestion(\Exception $exception, KeyInterface $key) : MarkupInterface {
$fail_text = $this
->t('Failed to connect to Apigee Edge.');
// General error message.
$suggestion = $this
->t('@fail_text', [
'@fail_text' => $fail_text,
]);
/** @var \Drupal\apigee_edge\Plugin\KeyType\ApigeeAuthKeyType $key_type */
$key_type = $key
->getKeyType();
if ($exception instanceof AuthenticationKeyException) {
$suggestion = $this
->t('@fail_text Verify the Apigee Edge connection settings.', [
'@fail_text' => $fail_text,
]);
}
elseif ($exception instanceof ApigeeOnGcpOauth2AuthenticationException) {
$fail_text = $this
->t('Failed to connect to the authorization server.');
// General error message.
$suggestion = $this
->t('@fail_text Check the debug information below for more details.', [
'@fail_text' => $fail_text,
]);
// Invalid key / OpenSSL unable to sign data.
if ($exception
->getPrevious() && $exception
->getPrevious() instanceof \DomainException) {
$suggestion = $this
->t('@fail_text The private key in the GCP service account key JSON is invalid.', [
'@fail_text' => $fail_text,
]);
}
}
elseif ($exception instanceof OauthAuthenticationException) {
$fail_text = $this
->t('Failed to connect to the OAuth authorization server.');
// General error message.
$suggestion = $this
->t('@fail_text Check the debug information below for more details.', [
'@fail_text' => $fail_text,
]);
// Invalid credentials.
if ($exception
->getCode() === 401) {
// Invalid credentials using defined client_id/client_secret.
if ($key_type
->getClientId($key) !== Oauth::DEFAULT_CLIENT_ID || $key_type
->getClientSecret($key) !== Oauth::DEFAULT_CLIENT_SECRET) {
$suggestion = $this
->t('@fail_text The given username (%username) or password or client ID (%client_id) or client secret is incorrect.', [
'@fail_text' => $fail_text,
'%client_id' => $key_type
->getClientId($key),
'%username' => $key_type
->getUsername($key),
]);
}
else {
$suggestion = $this
->t('@fail_text The given username (%username) or password is incorrect.', [
'@fail_text' => $fail_text,
'%username' => $key_type
->getUsername($key),
]);
}
}
elseif ($exception
->getCode() === 0) {
if ($exception
->getPrevious() instanceof ApiRequestException && $exception
->getPrevious()
->getPrevious() instanceof NetworkException && $exception
->getPrevious()
->getPrevious()
->getPrevious() instanceof ConnectException) {
/** @var \GuzzleHttp\Exception\ConnectException $curl_exception */
$curl_exception = $exception
->getPrevious()
->getPrevious()
->getPrevious();
// Resolving timed out.
if ($curl_exception
->getHandlerContext()['errno'] === CURLE_OPERATION_TIMEDOUT) {
$suggestion = $this
->t('@fail_text The connection timeout threshold (%connect_timeout) or the request timeout (%timeout) is too low or something is wrong with the connection.', [
'@fail_text' => $fail_text,
'%connect_timeout' => $this
->config('apigee_edge.client')
->get('http_client_connect_timeout'),
'%timeout' => $this
->config('apigee_edge.client')
->get('http_client_timeout'),
]);
}
// The remote host was not resolved (authorization server).
if ($curl_exception
->getHandlerContext()['errno'] === CURLE_COULDNT_RESOLVE_HOST) {
$suggestion = $this
->t('@fail_text The given authorization server (%authorization_server) is incorrect or something is wrong with the connection.', [
'@fail_text' => $fail_text,
'%authorization_server' => $key_type
->getAuthorizationServer($key),
]);
}
}
}
}
else {
// Invalid credentials.
// TODO Remove the second condition which is a workaround for a
// regression bug in the Apigee Edge for Public Cloud 19.03.01 release. If
// valid organization name and username provided with an invalid password
// the MGMT server returns HTTP 500 with an error instead of HTTP 401.
if ($exception
->getCode() === 401 || $exception
->getCode() === 500 && $exception
->getEdgeErrorCode() === 'usersandroles.SsoInternalServerError') {
// If on public cloud, the username should be an email.
if ($key_type
->getInstanceType($key) === EdgeKeyTypeInterface::INSTANCE_TYPE_PUBLIC && !$this->emailValidator
->isValid($key_type
->getUsername($key))) {
$suggestion = $this
->t('@fail_text The organization username should be a valid email.', [
'@fail_text' => $fail_text,
]);
}
else {
$suggestion = $this
->t('@fail_text The given username (%username) or password is incorrect.', [
'@fail_text' => $fail_text,
'%username' => $key_type
->getUsername($key),
]);
}
}
elseif ($exception
->getCode() === 404) {
$suggestion = $this
->t('@fail_text The given organization name (%organization) is incorrect.', [
'@fail_text' => $fail_text,
'%organization' => $key_type
->getOrganization($key),
]);
}
elseif ($exception
->getCode() === 0) {
if ($exception
->getPrevious() instanceof NetworkException && $exception
->getPrevious()
->getPrevious() instanceof ConnectException) {
/** @var \GuzzleHttp\Exception\ConnectException $curl_exception */
$curl_exception = $exception
->getPrevious()
->getPrevious();
// Resolving timed out.
if ($curl_exception
->getHandlerContext()['errno'] === CURLE_OPERATION_TIMEDOUT) {
$suggestion = $this
->t('@fail_text The connection timeout threshold (%connect_timeout) or the request timeout (%timeout) is too low or something is wrong with the connection.', [
'@fail_text' => $fail_text,
'%connect_timeout' => $this
->config('apigee_edge.client')
->get('http_client_connect_timeout'),
'%timeout' => $this
->config('apigee_edge.client')
->get('http_client_timeout'),
]);
}
elseif ($curl_exception
->getHandlerContext()['errno'] === CURLE_COULDNT_RESOLVE_HOST) {
$suggestion = $this
->t('@fail_text The given endpoint (%endpoint) is incorrect or something is wrong with the connection.', [
'@fail_text' => $fail_text,
'%endpoint' => $key_type
->getEndpoint($key),
]);
}
}
elseif ($exception instanceof InvalidArgumentException) {
$suggestion = $this
->t('@fail_text The given endpoint (%endpoint) is incorrect or something is wrong with the connection.', [
'@fail_text' => $fail_text,
'%endpoint' => $key_type
->getEndpoint($key),
]);
}
}
}
return $suggestion;
}