add wrap errors

Author: mateoHernandez123

pkg/connector/apps.go

@@ -43,7 +43,7 @@ func (o *appResourceType) List(
 	if opts.PageToken.Token == "" {
 		adminApp, err := sdkResources.NewAppResource("JumpCloud Administration", resourceTypeApp, adminAppID, nil)
 		if err != nil {
-			return nil, nil, err
+			return nil, nil, fmt.Errorf("failed to create JumpCloud Administration app resource: %w", err)
 		}
 		rv = append(rv, adminApp)
 	}
@@ -57,14 +57,14 @@ func (o *appResourceType) List(
 
 	apps, resp, err := client.ApplicationsApi.ApplicationsList(ctx).Skip(skip).Execute()
 	if err != nil {
-		return nil, nil, err
+		return nil, nil, wrapSDKError(err, resp, "failed to list applications")
 	}
 	defer resp.Body.Close()
 
 	for i := range apps.Results {
 		ur, err := appResource(&apps.Results[i])
 		if err != nil {
-			return nil, nil, err
+			return nil, nil, fmt.Errorf("failed to construct app resource during application list: %w", err)
 		}
 		rv = append(rv, ur)
 	}
@@ -79,7 +79,7 @@ func (o *appResourceType) List(
 func appResource(app *jcapi1.Application) (*v2.Resource, error) {
 	trait, err := appTrait(app)
 	if err != nil {
-		return nil, err
+		return nil, fmt.Errorf("failed to construct app trait during app resource creation: %w", err)
 	}
 
 	var annos annotations.Annotations
@@ -149,7 +149,7 @@ func (o *appResourceType) adminGrants(ctx context.Context, resource *v2.Resource
 
 	users, resp, err := o.ext.UserList().Skip(skip).Execute(ctx)
 	if err != nil {
-		return nil, nil, err
+		return nil, nil, fmt.Errorf("failed to list admin users: %w", err)
 	}
 	defer resp.Body.Close()
 
@@ -163,7 +163,7 @@ func (o *appResourceType) adminGrants(ctx context.Context, resource *v2.Resource
 		// If the user is a system user, we need to fetch the user by email to get the ID
 		systemUser, err := fetchUserByEmail(ctx, client, adminUser.GetEmail())
 		if err != nil && !errors.Is(err, errUserNotFoundForEmail) {
-			return nil, nil, err
+			return nil, nil, fmt.Errorf("failed to fetch system user by email during admin grants processing: %w", err)
 		}
 		if systemUser != nil {
 			adminPrincipal = systemUser
@@ -216,7 +216,7 @@ func (o *appResourceType) Grants(
 	} else {
 		err := b.Unmarshal(opts.PageToken.Token)
 		if err != nil {
-			return nil, nil, err
+			return nil, nil, fmt.Errorf("failed to unmarshal pagination bag during app grants: %w", err)
 		}
 	}
 
@@ -229,7 +229,7 @@ func (o *appResourceType) Grants(
 	if current.Token != "" {
 		skip64, err := strconv.ParseInt(current.Token, 10, 32)
 		if err != nil {
-			return nil, nil, err
+			return nil, nil, fmt.Errorf("failed to parse skip value from pagination token during app grants: %w", err)
 		}
 		skip = int32(skip64)
 	}
@@ -247,12 +247,12 @@ func (o *appResourceType) Grants(
 	}
 
 	if req == nil {
-		return nil, nil, errors.New("unexpected state while listing application grants")
+		return nil, nil, fmt.Errorf("unexpected pagination state while listing application grants: resourceID=%s, resourceTypeID=%s", current.ResourceID, current.ResourceTypeID)
 	}
 
 	assignments, resp, err := req.Execute()
 	if err != nil {
-		return nil, nil, err
+		return nil, nil, wrapSDKError(err, resp, "failed to list application associations")
 	}
 	defer resp.Body.Close()
 
@@ -263,7 +263,7 @@ func (o *appResourceType) Grants(
 	// pops if nextToken is empty, going to the next phase
 	err = b.Next(npt)
 	if err != nil {
-		return nil, nil, err
+		return nil, nil, fmt.Errorf("failed to advance to next page during app grants pagination: %w", err)
 	}
 
 	for i := range assignments {
@@ -284,7 +284,7 @@ func (o *appResourceType) Grants(
 
 	pt, err := b.Marshal()
 	if err != nil {
-		return nil, nil, err
+		return nil, nil, fmt.Errorf("failed to marshal page token after listing app grants: %w", err)
 	}
 
 	return rv, &sdkResources.SyncOpResults{NextPageToken: pt}, nil

pkg/connector/connector.go

@@ -16,6 +16,7 @@ import (
 	"github.com/conductorone/baton-sdk/pkg/uhttp"
 	"github.com/grpc-ecosystem/go-grpc-middleware/logging/zap/ctxzap"
 	"go.uber.org/zap"
+	"google.golang.org/grpc/codes"
 )
 
 type Connector struct {
@@ -52,8 +53,14 @@ func WithAPIKey(ctx context.Context, apiKey string, orgId string) Option {
 
 		c._client1 = jcapi1.NewAPIClient(cc1)
 		c._client2 = jcapi2.NewAPIClient(cc2)
+
+		baseHttpClient, err := uhttp.NewBaseHttpClientWithContext(ctx, httpClient)
+		if err != nil {
+			return err
+		}
+
 		c.ext = &ExtensionClient{
-			client: httpClient,
+			client: baseHttpClient,
 			apiKey: apiKey,
 			orgId:  orgId,
 		}
@@ -90,12 +97,16 @@ func New(ctx context.Context, opts ...Option) (*Connector, error) {
 	c := &Connector{}
 	for _, opt := range opts {
 		if err := opt(c); err != nil {
-			return nil, fmt.Errorf("failed to apply option: %w", err)
+			return nil, fmt.Errorf("failed to apply connector option during initialization: %w", err)
 		}
 	}
 
 	if c._client1 == nil || c._client2 == nil {
-		return nil, fmt.Errorf("no client configuration provided")
+		return nil, uhttp.WrapErrors(
+			codes.InvalidArgument,
+			"connector initialization failed: API client not configured",
+			fmt.Errorf("API clients not properly initialized during connector setup"),
+		)
 	}
 
 	return c, nil
@@ -147,13 +158,18 @@ func (c *Connector) Validate(ctx context.Context) (annotations.Annotations, erro
 	_, resp, err := client.DirectoriesApi.DirectoriesList(ctx).Limit(1).Execute()
 	if err != nil {
 		l.Error("DirectoriesList for Validate Failed", zap.Error(err))
-		return nil, fmt.Errorf("jumpcloud-connector: failed to verify api key: %w", err)
+		return nil, wrapSDKError(err, resp, "failed to verify api key")
 	}
 	defer resp.Body.Close()
 
 	if resp.StatusCode != http.StatusOK {
-		err := fmt.Errorf("jumpcloud-connector verify returned non-200: '%d'", resp.StatusCode)
-		l.Error("Invalid Status Code from Verify", zap.Error(err))
+		code := httpStatusToGRPCCode(resp.StatusCode)
+		err := uhttp.WrapErrors(
+			code,
+			fmt.Sprintf("validate: unexpected status code %d", resp.StatusCode),
+			nil,
+		)
+		l.Error("jumpcloud-connector: Invalid Status Code from Validate", zap.Error(err))
 		return nil, err
 	}
 

pkg/connector/errors.go

@@ -0,0 +1,143 @@
+package connector
+
+import (
+	"context"
+	"errors"
+	"fmt"
+	"net/http"
+	"net/url"
+
+	"github.com/conductorone/baton-sdk/pkg/uhttp"
+	"google.golang.org/grpc/codes"
+)
+
+// httpStatusToGRPCCode maps HTTP status codes to gRPC codes for error classification.
+// This helps the Baton SDK determine if errors are retryable and how to handle them.
+func httpStatusToGRPCCode(statusCode int) codes.Code {
+	switch statusCode {
+	case http.StatusBadRequest:
+		return codes.InvalidArgument
+	case http.StatusUnauthorized:
+		return codes.Unauthenticated
+	case http.StatusForbidden:
+		return codes.PermissionDenied
+	case http.StatusNotFound:
+		return codes.NotFound
+	case http.StatusConflict:
+		return codes.AlreadyExists
+	case http.StatusTooManyRequests:
+		return codes.ResourceExhausted
+	case http.StatusInternalServerError, http.StatusBadGateway, http.StatusServiceUnavailable:
+		return codes.Unavailable
+	case http.StatusGatewayTimeout:
+		return codes.DeadlineExceeded
+	default:
+		if statusCode >= 500 {
+			return codes.Unavailable
+		}
+		if statusCode >= 400 {
+			return codes.InvalidArgument
+		}
+		return codes.Unknown
+	}
+}
+
+// wrapSDKError wraps errors from the JumpCloud SDK (jcapi1/jcapi2) with appropriate gRPC codes.
+// This allows the Baton SDK to properly classify errors for retry logic and alerting.
+func wrapSDKError(err error, resp *http.Response, operation string) error {
+	if err == nil {
+		return nil
+	}
+
+	// If we don't have a response, inspect the error to classify it correctly
+	if resp == nil {
+		// Check for context errors (timeout, cancellation)
+		if errors.Is(err, context.DeadlineExceeded) {
+			return uhttp.WrapErrors(
+				codes.DeadlineExceeded,
+				fmt.Sprintf("%s: request timeout", operation),
+				err,
+			)
+		}
+		if errors.Is(err, context.Canceled) {
+			return uhttp.WrapErrors(
+				codes.Canceled,
+				fmt.Sprintf("%s: request canceled", operation),
+				err,
+			)
+		}
+
+		// Check for URL errors (configuration issues, network errors, timeouts)
+		var urlErr *url.Error
+		if errors.As(err, &urlErr) {
+			// Timeout on URL operation
+			if urlErr.Timeout() {
+				return uhttp.WrapErrors(
+					codes.DeadlineExceeded,
+					fmt.Sprintf("%s: request timeout", operation),
+					urlErr,
+				)
+			}
+
+			// Temporary network errors (DNS, connection issues)
+			if urlErr.Temporary() {
+				return uhttp.WrapErrors(
+					codes.Unavailable,
+					fmt.Sprintf("%s: temporary network error", operation),
+					urlErr,
+				)
+			}
+
+			// URL parsing errors indicate configuration issues
+			if urlErr.Op == "parse" {
+				return uhttp.WrapErrors(
+					codes.InvalidArgument,
+					fmt.Sprintf("%s: invalid URL configuration", operation),
+					urlErr,
+				)
+			}
+		}
+
+		// Default: assume it's a network/connection error (service unavailable)
+		return uhttp.WrapErrors(
+			codes.Unavailable,
+			fmt.Sprintf("%s: network or connection error", operation),
+			err,
+		)
+	}
+
+	// Map HTTP status codes to gRPC codes
+	code := httpStatusToGRPCCode(resp.StatusCode)
+	var message string
+
+	switch code {
+	case codes.InvalidArgument:
+		if resp.StatusCode == http.StatusBadRequest {
+			message = fmt.Sprintf("%s: invalid request", operation)
+		} else {
+			message = fmt.Sprintf("%s: client error (status %d)", operation, resp.StatusCode)
+		}
+	case codes.Unauthenticated:
+		message = fmt.Sprintf("%s: authentication failed", operation)
+	case codes.PermissionDenied:
+		message = fmt.Sprintf("%s: permission denied", operation)
+	case codes.NotFound:
+		message = fmt.Sprintf("%s: resource not found", operation)
+	case codes.AlreadyExists:
+		message = fmt.Sprintf("%s: resource already exists", operation)
+	case codes.ResourceExhausted:
+		message = fmt.Sprintf("%s: rate limit exceeded", operation)
+	case codes.Unavailable:
+		if resp.StatusCode >= 500 && resp.StatusCode < 600 {
+			message = fmt.Sprintf("%s: service unavailable", operation)
+		} else {
+			message = fmt.Sprintf("%s: server error (status %d)", operation, resp.StatusCode)
+		}
+	case codes.DeadlineExceeded:
+		message = fmt.Sprintf("%s: request timeout", operation)
+	default:
+		message = fmt.Sprintf("%s: unexpected status code %d", operation, resp.StatusCode)
+	}
+
+	return uhttp.WrapErrors(code, message, err)
+}

pkg/connector/ext.go

@@ -1,9 +1,9 @@
 package connector
 
-import "net/http"
+import "github.com/conductorone/baton-sdk/pkg/uhttp"
 
 type ExtensionClient struct {
-	client *http.Client
+	client *uhttp.BaseHttpClient
 	apiKey string
 	orgId  string
 }