HugoCasa opened a new issue, #419:
URL: https://github.com/apache/arrow-rs-object-store/issues/419

   **Describe the bug**
   When building a GCS client in `object_store`, if the provided private key is 
malformed, the builder panics instead of returning an error. This breaks 
expected behavior and makes error handling impossible.
   
   **To Reproduce**
   
   ```rust
   use object_store::gcp::GoogleCloudStorageBuilder;
   
   #[tokio::main]
   async fn main() {
       let client_builder = GoogleCloudStorageBuilder::new()
           .with_bucket_name("asd")
           .with_service_account_key("{\"private_key\": \"-----BEGIN PRIVATE 
KEY-----\", \"private_key_id\": \"hey\", \"client_email\": \"a...@asd.com\", 
\"type\": \"service_account\"}");
   
       if let Err(err) = client_builder.build() {
           println!("Error: {:?}", err);
       }
   }
   ```
   
   ```
   thread 'main' panicked at 
XXX/object_store-0.12.2/src/gcp/credential.rs:134:53:
   called `Result::unwrap()` on an `Err` value: Custom { kind: InvalidData, 
error: "section end \"-----END PRIVATE KEY-----\" missing" }
   ```
   
   **Expected behavior**
   The builder should return an error if the private key is malformed, not 
panic.
   
   **Additional context**
   The panic occurs due to this code:
   
   ```rust
   // Reading from string is infallible
   match rustls_pemfile::read_one(&mut reader).unwrap() {
       Some(Item::Pkcs8Key(key)) => Self::from_pkcs8(key.secret_pkcs8_der()),
       Some(Item::Pkcs1Key(key)) => Self::from_der(key.secret_pkcs1_der()),
       _ => Err(Error::MissingKey),
   }
   ```
   
   The `unwrap()` assumes infallibility, which is incorrect for malformed 
inputs.
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: github-unsubscr...@arrow.apache.org.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Reply via email to