[feature] More consistent API error handling (#637)

* update templates

* start reworking api error handling

* update template

* return AP status at web endpoint if negotiated

* start making api error handling much more consistent

* update account endpoints to new error handling

* use new api error handling in admin endpoints

* go fmt ./...

* use api error logic in app

* use generic error handling in auth

* don't export generic error handler

* don't defer clearing session

* user nicer error handling on oidc callback handler

* tidy up the sign in handler

* tidy up the token handler

* use nicer error handling in blocksget

* auth emojis endpoint

* fix up remaining api endpoints

* fix whoopsie during login flow

* regenerate swagger docs

* change http error logging to debug

5 files changed, 27 insertions, 24 deletions

diff --git a/internal/processing/account/account.go b/internal/processing/account/account.go
index 2a27fc743..56dfb90e9 100644
--- a/internal/processing/account/account.go
+++ b/internal/processing/account/account.go
@@ -40,7 +40,7 @@ import (
 // Processor wraps a bunch of functions for processing account actions.
 type Processor interface {
 	// Create processes the given form for creating a new account, returning an oauth token for that account if successful.
-	Create(ctx context.Context, applicationToken oauth2.TokenInfo, application *gtsmodel.Application, form *apimodel.AccountCreateRequest) (*apimodel.Token, error)
+	Create(ctx context.Context, applicationToken oauth2.TokenInfo, application *gtsmodel.Application, form *apimodel.AccountCreateRequest) (*apimodel.Token, gtserror.WithCode)
 	// Delete deletes an account, and all of that account's statuses, media, follows, notifications, etc etc etc.
 	// The origin passed here should be either the ID of the account doing the delete (can be itself), or the ID of a domain block.
 	Delete(ctx context.Context, account *gtsmodel.Account, origin string) gtserror.WithCode
@@ -52,7 +52,7 @@ type Processor interface {
 	// GetLocalByUsername processes the given request for account information targeting a local account by username.
 	GetLocalByUsername(ctx context.Context, requestingAccount *gtsmodel.Account, username string) (*apimodel.Account, gtserror.WithCode)
 	// Update processes the update of an account with the given form
-	Update(ctx context.Context, account *gtsmodel.Account, form *apimodel.UpdateCredentialsRequest) (*apimodel.Account, error)
+	Update(ctx context.Context, account *gtsmodel.Account, form *apimodel.UpdateCredentialsRequest) (*apimodel.Account, gtserror.WithCode)
 	// StatusesGet fetches a number of statuses (in time descending order) from the given account, filtered by visibility for
 	// the account given in authed.
 	StatusesGet(ctx context.Context, requestingAccount *gtsmodel.Account, targetAccountID string, limit int, excludeReplies bool, excludeReblogs bool, maxID string, minID string, pinned bool, mediaOnly bool, publicOnly bool) (*apimodel.TimelineResponse, gtserror.WithCode)
diff --git a/internal/processing/account/create.go b/internal/processing/account/create.go
index 72626220b..44d6bbea5 100644
--- a/internal/processing/account/create.go
+++ b/internal/processing/account/create.go
@@ -27,29 +27,30 @@ import (
 	"github.com/superseriousbusiness/gotosocial/internal/ap"
 	apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
 	"github.com/superseriousbusiness/gotosocial/internal/config"
+	"github.com/superseriousbusiness/gotosocial/internal/gtserror"
 	"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
 	"github.com/superseriousbusiness/gotosocial/internal/messages"
 	"github.com/superseriousbusiness/gotosocial/internal/text"
 	"github.com/superseriousbusiness/oauth2/v4"
 )
 
-func (p *processor) Create(ctx context.Context, applicationToken oauth2.TokenInfo, application *gtsmodel.Application, form *apimodel.AccountCreateRequest) (*apimodel.Token, error) {
+func (p *processor) Create(ctx context.Context, applicationToken oauth2.TokenInfo, application *gtsmodel.Application, form *apimodel.AccountCreateRequest) (*apimodel.Token, gtserror.WithCode) {
 	l := logrus.WithField("func", "accountCreate")
 
 	emailAvailable, err := p.db.IsEmailAvailable(ctx, form.Email)
 	if err != nil {
-		return nil, err
+		return nil, gtserror.NewErrorBadRequest(err)
 	}
 	if !emailAvailable {
-		return nil, fmt.Errorf("email address %s in use", form.Email)
+		return nil, gtserror.NewErrorConflict(fmt.Errorf("email address %s is not available", form.Email))
 	}
 
 	usernameAvailable, err := p.db.IsUsernameAvailable(ctx, form.Username)
 	if err != nil {
-		return nil, err
+		return nil, gtserror.NewErrorBadRequest(err)
 	}
 	if !usernameAvailable {
-		return nil, fmt.Errorf("username %s in use", form.Username)
+		return nil, gtserror.NewErrorConflict(fmt.Errorf("username %s in use", form.Username))
 	}
 
 	reasonRequired := config.GetAccountsReasonRequired()
@@ -64,19 +65,19 @@ func (p *processor) Create(ctx context.Context, applicationToken oauth2.TokenInf
 	l.Trace("creating new username and account")
 	user, err := p.db.NewSignup(ctx, form.Username, text.SanitizePlaintext(reason), approvalRequired, form.Email, form.Password, form.IP, form.Locale, application.ID, false, false)
 	if err != nil {
-		return nil, fmt.Errorf("error creating new signup in the database: %s", err)
+		return nil, gtserror.NewErrorInternalError(fmt.Errorf("error creating new signup in the database: %s", err))
 	}
 
 	l.Tracef("generating a token for user %s with account %s and application %s", user.ID, user.AccountID, application.ID)
 	accessToken, err := p.oauthServer.GenerateUserAccessToken(ctx, applicationToken, application.ClientSecret, user.ID)
 	if err != nil {
-		return nil, fmt.Errorf("error creating new access token for user %s: %s", user.ID, err)
+		return nil, gtserror.NewErrorInternalError(fmt.Errorf("error creating new access token for user %s: %s", user.ID, err))
 	}
 
 	if user.Account == nil {
 		a, err := p.db.GetAccountByID(ctx, user.AccountID)
 		if err != nil {
-			return nil, fmt.Errorf("error getting new account from the database: %s", err)
+			return nil, gtserror.NewErrorInternalError(fmt.Errorf("error getting new account from the database: %s", err))
 		}
 		user.Account = a
 	}
diff --git a/internal/processing/account/get.go b/internal/processing/account/get.go
index 97f2f0b4a..70c1cd9fe 100644
--- a/internal/processing/account/get.go
+++ b/internal/processing/account/get.go
@@ -94,5 +94,6 @@ func (p *processor) getAccountFor(ctx context.Context, requestingAccount *gtsmod
 	if err != nil {
 		return nil, gtserror.NewErrorInternalError(fmt.Errorf("error converting account: %s", err))
 	}
+
 	return apiAccount, nil
 }
diff --git a/internal/processing/account/update.go b/internal/processing/account/update.go
index 42da40ffe..d1085845b 100644
--- a/internal/processing/account/update.go
+++ b/internal/processing/account/update.go
@@ -29,6 +29,7 @@ import (
 	"github.com/superseriousbusiness/gotosocial/internal/ap"
 	apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
 	"github.com/superseriousbusiness/gotosocial/internal/config"
+	"github.com/superseriousbusiness/gotosocial/internal/gtserror"
 	"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
 	"github.com/superseriousbusiness/gotosocial/internal/media"
 	"github.com/superseriousbusiness/gotosocial/internal/messages"
@@ -37,7 +38,7 @@ import (
 	"github.com/superseriousbusiness/gotosocial/internal/validate"
 )
 
-func (p *processor) Update(ctx context.Context, account *gtsmodel.Account, form *apimodel.UpdateCredentialsRequest) (*apimodel.Account, error) {
+func (p *processor) Update(ctx context.Context, account *gtsmodel.Account, form *apimodel.UpdateCredentialsRequest) (*apimodel.Account, gtserror.WithCode) {
 	l := logrus.WithField("func", "AccountUpdate")
 
 	if form.Discoverable != nil {
@@ -50,14 +51,14 @@ func (p *processor) Update(ctx context.Context, account *gtsmodel.Account, form
 
 	if form.DisplayName != nil {
 		if err := validate.DisplayName(*form.DisplayName); err != nil {
-			return nil, err
+			return nil, gtserror.NewErrorBadRequest(err)
 		}
 		account.DisplayName = text.SanitizePlaintext(*form.DisplayName)
 	}
 
 	if form.Note != nil {
 		if err := validate.Note(*form.Note); err != nil {
-			return nil, err
+			return nil, gtserror.NewErrorBadRequest(err)
 		}
 
 		// Set the raw note before processing
@@ -66,7 +67,7 @@ func (p *processor) Update(ctx context.Context, account *gtsmodel.Account, form
 		// Process note to generate a valid HTML representation
 		note, err := p.processNote(ctx, *form.Note, account.ID)
 		if err != nil {
-			return nil, err
+			return nil, gtserror.NewErrorBadRequest(err)
 		}
 
 		// Set updated HTML-ified note
@@ -76,7 +77,7 @@ func (p *processor) Update(ctx context.Context, account *gtsmodel.Account, form
 	if form.Avatar != nil && form.Avatar.Size != 0 {
 		avatarInfo, err := p.UpdateAvatar(ctx, form.Avatar, account.ID)
 		if err != nil {
-			return nil, err
+			return nil, gtserror.NewErrorBadRequest(err)
 		}
 		account.AvatarMediaAttachmentID = avatarInfo.ID
 		account.AvatarMediaAttachment = avatarInfo
@@ -86,7 +87,7 @@ func (p *processor) Update(ctx context.Context, account *gtsmodel.Account, form
 	if form.Header != nil && form.Header.Size != 0 {
 		headerInfo, err := p.UpdateHeader(ctx, form.Header, account.ID)
 		if err != nil {
-			return nil, err
+			return nil, gtserror.NewErrorBadRequest(err)
 		}
 		account.HeaderMediaAttachmentID = headerInfo.ID
 		account.HeaderMediaAttachment = headerInfo
@@ -100,7 +101,7 @@ func (p *processor) Update(ctx context.Context, account *gtsmodel.Account, form
 	if form.Source != nil {
 		if form.Source.Language != nil {
 			if err := validate.Language(*form.Source.Language); err != nil {
-				return nil, err
+				return nil, gtserror.NewErrorBadRequest(err)
 			}
 			account.Language = *form.Source.Language
 		}
@@ -111,7 +112,7 @@ func (p *processor) Update(ctx context.Context, account *gtsmodel.Account, form
 
 		if form.Source.Privacy != nil {
 			if err := validate.Privacy(*form.Source.Privacy); err != nil {
-				return nil, err
+				return nil, gtserror.NewErrorBadRequest(err)
 			}
 			privacy := p.tc.APIVisToVis(apimodel.Visibility(*form.Source.Privacy))
 			account.Privacy = privacy
@@ -120,7 +121,7 @@ func (p *processor) Update(ctx context.Context, account *gtsmodel.Account, form
 
 	updatedAccount, err := p.db.UpdateAccount(ctx, account)
 	if err != nil {
-		return nil, fmt.Errorf("could not update account %s: %s", account.ID, err)
+		return nil, gtserror.NewErrorInternalError(fmt.Errorf("could not update account %s: %s", account.ID, err))
 	}
 
 	p.clientWorker.Queue(messages.FromClientAPI{
@@ -132,7 +133,7 @@ func (p *processor) Update(ctx context.Context, account *gtsmodel.Account, form
 
 	acctSensitive, err := p.tc.AccountToAPIAccountSensitive(ctx, updatedAccount)
 	if err != nil {
-		return nil, fmt.Errorf("could not convert account into apisensitive account: %s", err)
+		return nil, gtserror.NewErrorInternalError(fmt.Errorf("could not convert account into apisensitive account: %s", err))
 	}
 	return acctSensitive, nil
 }
diff --git a/internal/processing/account/update_test.go b/internal/processing/account/update_test.go
index 9f9b6cb77..582dc82e9 100644
--- a/internal/processing/account/update_test.go
+++ b/internal/processing/account/update_test.go
@@ -45,8 +45,8 @@ func (suite *AccountUpdateTestSuite) TestAccountUpdateSimple() {
 	}
 
 	// should get no error from the update function, and an api model account returned
-	apiAccount, err := suite.accountProcessor.Update(context.Background(), testAccount, form)
-	suite.NoError(err)
+	apiAccount, errWithCode := suite.accountProcessor.Update(context.Background(), testAccount, form)
+	suite.NoError(errWithCode)
 	suite.NotNil(apiAccount)
 
 	// fields on the profile should be updated
@@ -88,8 +88,8 @@ go check out @1happyturtle, they have a cool account!
 	}
 
 	// should get no error from the update function, and an api model account returned
-	apiAccount, err := suite.accountProcessor.Update(context.Background(), testAccount, form)
-	suite.NoError(err)
+	apiAccount, errWithCode := suite.accountProcessor.Update(context.Background(), testAccount, form)
+	suite.NoError(errWithCode)
 	suite.NotNil(apiAccount)
 
 	// fields on the profile should be updated