From 6a8e377b725562eb6b7689f5300ba87d64fbb455 Mon Sep 17 00:00:00 2001
From: hghaf099 <83242695+hghaf099@users.noreply.github.com>
Date: Fri, 30 Jul 2021 12:32:05 -0400
Subject: [PATCH] VAULT-1303 when a request to vault fails, show namespace if
 set (#12196)

* VAULT-1303 when a request to vault fails, show namespace if set

* Adding changelog

* Fix Changelog file name

* Set namespace in ResponseWriter headers if it is set

* Using consts.NamespaceHeaderName instead of the literal string
---
 api/response.go     | 19 ++++++++++++++++---
 changelog/12196.txt |  3 +++
 http/handler.go     |  6 ++++++
 3 files changed, 25 insertions(+), 3 deletions(-)
 create mode 100644 changelog/12196.txt

diff --git a/api/response.go b/api/response.go
index ae350c9791655..9ce3d12aacca1 100644
--- a/api/response.go
+++ b/api/response.go
@@ -7,6 +7,7 @@ import (
 	"io/ioutil"
 	"net/http"
 
+	"github.com/hashicorp/vault/sdk/helper/consts"
 	"github.com/hashicorp/vault/sdk/helper/jsonutil"
 )
 
@@ -41,12 +42,14 @@ func (r *Response) Error() error {
 
 	r.Body.Close()
 	r.Body = ioutil.NopCloser(bodyBuf)
+	ns := r.Header.Get(consts.NamespaceHeaderName)
 
 	// Build up the error object
 	respErr := &ResponseError{
-		HTTPMethod: r.Request.Method,
-		URL:        r.Request.URL.String(),
-		StatusCode: r.StatusCode,
+		HTTPMethod:    r.Request.Method,
+		URL:           r.Request.URL.String(),
+		StatusCode:    r.StatusCode,
+		NamespacePath: ns,
 	}
 
 	// Decode the error response if we can. Note that we wrap the bodyBuf
@@ -92,6 +95,10 @@ type ResponseError struct {
 
 	// Errors are the underlying errors returned by Vault.
 	Errors []string
+
+	// Namespace path to be reported to the client if it is set to anything other
+	// than root
+	NamespacePath string
 }
 
 // Error returns a human-readable error string for the response error.
@@ -101,9 +108,15 @@ func (r *ResponseError) Error() string {
 		errString = "Raw Message"
 	}
 
+	var ns string
+	if r.NamespacePath != "" && r.NamespacePath != "root/" {
+		ns = "Namespace: " + r.NamespacePath + "\n"
+	}
+
 	var errBody bytes.Buffer
 	errBody.WriteString(fmt.Sprintf(
 		"Error making API request.\n\n"+
+			ns+
 			"URL: %s %s\n"+
 			"Code: %d. %s:\n\n",
 		r.HTTPMethod, r.URL, r.StatusCode, errString))
diff --git a/changelog/12196.txt b/changelog/12196.txt
new file mode 100644
index 0000000000000..28b6b6467b2ec
--- /dev/null
+++ b/changelog/12196.txt
@@ -0,0 +1,3 @@
+```release-note:bug
+core (enterprise): namespace header included in responses, Go client uses it when displaying error messages
+```
diff --git a/http/handler.go b/http/handler.go
index 831c0651b12d4..11bdcbad17b76 100644
--- a/http/handler.go
+++ b/http/handler.go
@@ -350,6 +350,12 @@ func wrapGenericHandler(core *vault.Core, h http.Handler, props *vault.HandlerPr
 			return
 		}
 
+		// Setting the namespace in the header to be included in the error message
+		ns := r.Header.Get(consts.NamespaceHeaderName)
+		if ns != "" {
+			w.Header().Set(consts.NamespaceHeaderName, ns)
+		}
+
 		h.ServeHTTP(w, r)
 
 		cancelFunc()