change some other error status

rockspore · rockspore · commit a19b234fd6bb · 2025-12-19T21:17:34.000Z
diff --git a/src/core/credentials/call/external/aws_external_account_credentials.cc b/src/core/credentials/call/external/aws_external_account_credentials.cc
@@ -293,7 +293,7 @@ void AwsExternalAccountCredentials::AwsFetchBody::RetrieveSigningKeys() {
   }
   if (role_name_.empty()) {
     AsyncFinish(
-        GRPC_ERROR_CREATE("Missing role name when retrieving signing keys."));
+        absl::UnauthenticatedError("Missing role name when retrieving signing keys."));
     return;
   }
   std::string url_with_role_name = absl::StrCat(creds_->url_, "/", role_name_);
diff --git a/src/core/credentials/call/external/external_account_credentials.cc b/src/core/credentials/call/external/external_account_credentials.cc
@@ -185,7 +185,7 @@ void ExternalAccountCredentials::ExternalFetchRequest::ExchangeToken(
   // Parse URI.
   absl::StatusOr<URI> uri = URI::Parse(options().token_url);
   if (!uri.ok()) {
-    return FinishTokenFetch(GRPC_ERROR_CREATE(
+    return FinishTokenFetch(absl::UnauthenticatedError(
         absl::StrFormat("Invalid token url: %s. Error: %s", options().token_url,
                         uri.status().ToString())));
   }
@@ -289,15 +289,15 @@ void ExternalAccountCredentials::ExternalFetchRequest::
   }
   auto it = json->object().find("access_token");
   if (it == json->object().end() || it->second.type() != Json::Type::kString) {
-    FinishTokenFetch(GRPC_ERROR_CREATE(absl::StrFormat(
+    FinishTokenFetch(absl::UnauthenticatedError(absl::StrFormat(
         "Missing or invalid access_token in %s.", *response_body)));
     return;
   }
   absl::string_view access_token = it->second.string();
   absl::StatusOr<URI> uri =
       URI::Parse(options().service_account_impersonation_url);
   if (!uri.ok()) {
-    FinishTokenFetch(GRPC_ERROR_CREATE(absl::StrFormat(
+    FinishTokenFetch(absl::UnauthenticatedError(absl::StrFormat(
         "Invalid service account impersonation url: %s. Error: %s",
         options().service_account_impersonation_url, uri.status().ToString())));
     return;
diff --git a/src/core/credentials/call/external/file_external_account_credentials.cc b/src/core/credentials/call/external/file_external_account_credentials.cc
@@ -55,14 +55,14 @@ void FileExternalAccountCredentials::FileFetchBody::ReadFile() {
   // request because it may have changed since the last request.
   auto content_slice = LoadFile(creds_->file_, /*add_null_terminator=*/false);
   if (!content_slice.ok()) {
-    Finish(content_slice.status());
+    Finish(absl::UnavailableError(content_slice.status().message()));
     return;
   }
   absl::string_view content = content_slice->as_string_view();
   if (creds_->format_type_ == "json") {
     auto content_json = JsonParse(content);
     if (!content_json.ok() || content_json->type() != Json::Type::kObject) {
-      Finish(GRPC_ERROR_CREATE(
+      Finish(absl::UnauthenticatedError(
           "The content of the file is not a valid json object."));
       return;
     }
diff --git a/test/core/credentials/call/call_credentials_test.cc b/test/core/credentials/call/call_credentials_test.cc
@@ -3204,8 +3204,7 @@ TEST_F(ExternalAccountCredentialsTest, FailureInvalidTokenUrl) {
   HttpRequest::SetOverride(httpcli_get_should_not_be_called,
                            httpcli_post_should_not_be_called,
                            httpcli_put_should_not_be_called);
-  // TODO(roth): This should return UNAUTHENTICATED.
-  grpc_error_handle expected_error = absl::UnknownError(
+  grpc_error_handle expected_error = absl::UnauthenticatedError(
       "error fetching oauth2 token: Invalid token url: "
       "invalid_token_url. Error: INVALID_ARGUMENT: Could not parse "
       "'scheme' from uri 'invalid_token_url'. Scheme not found.");
@@ -3243,8 +3242,7 @@ TEST_F(ExternalAccountCredentialsTest,
   HttpRequest::SetOverride(httpcli_get_should_not_be_called,
                            external_account_creds_httpcli_post_success,
                            httpcli_put_should_not_be_called);
-  // TODO(roth): This should return UNAUTHENTICATED.
-  grpc_error_handle expected_error = absl::UnknownError(
+  grpc_error_handle expected_error = absl::UnauthenticatedError(
       "error fetching oauth2 token: Invalid service account impersonation url: "
       "invalid_service_account_impersonation_url. Error: INVALID_ARGUMENT: "
       "Could not parse 'scheme' from uri "
@@ -3284,8 +3282,7 @@ TEST_F(ExternalAccountCredentialsTest,
       httpcli_get_should_not_be_called,
       external_account_creds_httpcli_post_failure_token_exchange_response_missing_access_token,
       httpcli_put_should_not_be_called);
-  // TODO(roth): This should return UNAUTHENTICATED.
-  grpc_error_handle expected_error = absl::UnknownError(
+  grpc_error_handle expected_error = absl::UnauthenticatedError(
       "error fetching oauth2 token: Missing or invalid access_token in "
       "{\"not_access_token\":\"not_access_token\",\"expires_in\":3599, "
       "\"token_type\":\"Bearer\"}.");
@@ -3607,8 +3604,7 @@ TEST_F(ExternalAccountCredentialsTest,
   HttpRequest::SetOverride(httpcli_get_should_not_be_called,
                            httpcli_post_should_not_be_called,
                            httpcli_put_should_not_be_called);
-  // TODO(roth): This should return UNAVAILABLE.
-  grpc_error_handle expected_error = absl::InternalError(
+  grpc_error_handle expected_error = absl::UnavailableError(
       "error fetching oauth2 token: Failed to load file: "
       "non_exisiting_file due to error(fdopen): No such file or directory");
   auto state = RequestMetadataState::NewInstance(expected_error, {});
@@ -3658,8 +3654,7 @@ TEST_F(ExternalAccountCredentialsTest,
   HttpRequest::SetOverride(httpcli_get_should_not_be_called,
                            httpcli_post_should_not_be_called,
                            httpcli_put_should_not_be_called);
-  // TODO(roth): This should return UNAUTHENTICATED.
-  grpc_error_handle expected_error = absl::UnknownError(
+  grpc_error_handle expected_error = absl::UnauthenticatedError(
       "error fetching oauth2 token: The content of the file is not a "
       "valid json object.");
   auto state = RequestMetadataState::NewInstance(expected_error, {});
@@ -4364,8 +4359,7 @@ TEST_F(ExternalAccountCredentialsTest,
   ASSERT_TRUE(creds.ok()) << creds.status();
   ASSERT_NE(*creds, nullptr);
   EXPECT_EQ((*creds)->min_security_level(), GRPC_PRIVACY_AND_INTEGRITY);
-  // TODO(roth): This should return UNAUTHENTICATED.
-  grpc_error_handle expected_error = absl::UnknownError(
+  grpc_error_handle expected_error = absl::UnauthenticatedError(
       "error fetching oauth2 token: "
       "Missing role name when retrieving signing keys.");
   auto state = RequestMetadataState::NewInstance(expected_error, {});

Original file line number	Diff line number	Diff line change
`@@ -293,7 +293,7 @@ void AwsExternalAccountCredentials::AwsFetchBody::RetrieveSigningKeys() {`
`293`	`293`	`}`
`294`	`294`	`if (role_name_.empty()) {`
`295`	`295`	`AsyncFinish(`
`296`		`- GRPC_ERROR_CREATE("Missing role name when retrieving signing keys."));`
	`296`	`+ absl::UnauthenticatedError("Missing role name when retrieving signing keys."));`
`297`	`297`	`return;`
`298`	`298`	`}`
`299`	`299`	`std::string url_with_role_name = absl::StrCat(creds_->url_, "/", role_name_);`