Make single-lease revocation behave like expiration (#4883)

This change makes it so that if a lease is revoked through user action, we set the expiration time to now and update pending, just as we do with tokens. This allows the normal retry logic to apply in these cases as well, instead of just erroring out immediately. The idea being that once you tell Vault to revoke something it should keep doing its darndest to actually make that happen.
2025-11-02 03:27:54 +00:00 · 2018-07-11 15:45:09 -04:00
parent eed9ef9391
commit a831fb4c5a
20 changed files with 392 additions and 101 deletions
--- a/logical/error.go
+++ b/logical/error.go
@@ -1,5 +1,27 @@
 package logical

+import "errors"
+
+var (
+	// ErrUnsupportedOperation is returned if the operation is not supported
+	// by the logical backend.
+	ErrUnsupportedOperation = errors.New("unsupported operation")
+
+	// ErrUnsupportedPath is returned if the path is not supported
+	// by the logical backend.
+	ErrUnsupportedPath = errors.New("unsupported path")
+
+	// ErrInvalidRequest is returned if the request is invalid
+	ErrInvalidRequest = errors.New("invalid request")
+
+	// ErrPermissionDenied is returned if the client is not authorized
+	ErrPermissionDenied = errors.New("permission denied")
+
+	// ErrMultiAuthzPending is returned if the the request needs more
+	// authorizations
+	ErrMultiAuthzPending = errors.New("request needs further approval")
+)
+
 type HTTPCodedError interface {
 	Error() string
 	Code() int