3 files changed, 21 insertions, 10 deletions

diff --git a/internal/processing/streaming/authorize.go b/internal/processing/streaming/authorize.go
index 9f014e723..70e4741e1 100644
--- a/internal/processing/streaming/authorize.go
+++ b/internal/processing/streaming/authorize.go
@@ -22,29 +22,40 @@ import (
 	"context"
 	"fmt"
 
+	"github.com/superseriousbusiness/gotosocial/internal/db"
+	"github.com/superseriousbusiness/gotosocial/internal/gtserror"
 	"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
 )
 
-func (p *processor) AuthorizeStreamingRequest(ctx context.Context, accessToken string) (*gtsmodel.Account, error) {
+func (p *processor) AuthorizeStreamingRequest(ctx context.Context, accessToken string) (*gtsmodel.Account, gtserror.WithCode) {
 	ti, err := p.oauthServer.LoadAccessToken(ctx, accessToken)
 	if err != nil {
-		return nil, fmt.Errorf("AuthorizeStreamingRequest: error loading access token: %s", err)
+		err := fmt.Errorf("could not load access token: %s", err)
+		return nil, gtserror.NewErrorUnauthorized(err)
 	}
 
 	uid := ti.GetUserID()
 	if uid == "" {
-		return nil, fmt.Errorf("AuthorizeStreamingRequest: no userid in token")
+		err := fmt.Errorf("no userid in token")
+		return nil, gtserror.NewErrorUnauthorized(err)
 	}
 
-	// fetch user's and account for this user id
 	user := &gtsmodel.User{}
-	if err := p.db.GetByID(ctx, uid, user); err != nil || user == nil {
-		return nil, fmt.Errorf("AuthorizeStreamingRequest: no user found for validated uid %s", uid)
+	if err := p.db.GetByID(ctx, uid, user); err != nil {
+		if err == db.ErrNoEntries {
+			err := fmt.Errorf("no user found for validated uid %s", uid)
+			return nil, gtserror.NewErrorUnauthorized(err)
+		}
+		return nil, gtserror.NewErrorInternalError(err)
 	}
 
 	acct, err := p.db.GetAccountByID(ctx, user.AccountID)
-	if err != nil || acct == nil {
-		return nil, fmt.Errorf("AuthorizeStreamingRequest: no account retrieved for user with id %s", uid)
+	if err != nil {
+		if err == db.ErrNoEntries {
+			err := fmt.Errorf("no account found for validated uid %s", uid)
+			return nil, gtserror.NewErrorUnauthorized(err)
+		}
+		return nil, gtserror.NewErrorInternalError(err)
 	}
 
 	return acct, nil
diff --git a/internal/processing/streaming/authorize_test.go b/internal/processing/streaming/authorize_test.go
index b6b1db729..51cec38be 100644
--- a/internal/processing/streaming/authorize_test.go
+++ b/internal/processing/streaming/authorize_test.go
@@ -39,7 +39,7 @@ func (suite *AuthorizeTestSuite) TestAuthorize() {
 	suite.Equal(suite.testAccounts["local_account_2"].ID, account2.ID)
 
 	noAccount, err := suite.streamingProcessor.AuthorizeStreamingRequest(context.Background(), "aaaaaaaaaaaaaaaaaaaaa!!")
-	suite.EqualError(err, "AuthorizeStreamingRequest: error loading access token: no entries")
+	suite.EqualError(err, "could not load access token: no entries")
 	suite.Nil(noAccount)
 }
 
diff --git a/internal/processing/streaming/streaming.go b/internal/processing/streaming/streaming.go
index defe52a9c..88c8dde05 100644
--- a/internal/processing/streaming/streaming.go
+++ b/internal/processing/streaming/streaming.go
@@ -33,7 +33,7 @@ import (
 // Processor wraps a bunch of functions for processing streaming.
 type Processor interface {
 	// AuthorizeStreamingRequest returns an oauth2 token info in response to an access token query from the streaming API
-	AuthorizeStreamingRequest(ctx context.Context, accessToken string) (*gtsmodel.Account, error)
+	AuthorizeStreamingRequest(ctx context.Context, accessToken string) (*gtsmodel.Account, gtserror.WithCode)
 	// OpenStreamForAccount returns a new Stream for the given account, which will contain a channel for passing messages back to the caller.
 	OpenStreamForAccount(ctx context.Context, account *gtsmodel.Account, timeline string) (*stream.Stream, gtserror.WithCode)
 	// StreamUpdateToAccount streams the given update to any open, appropriate streams belonging to the given account.