Proper CAPTCHA error Handling in client-cognito-identity-provider

[achrafsouk]

Describe the feature

When Cognito user pool is used with an AWS WAF that includes a CAPTCHA, there is no proper way to detect a 405 response code signaling to the front end to display AWS WAF CAPTCHA.

As a workaround, I check the error message if it contains the 'captcha' keyword to trigger the CAPTCHA rendering in the frontend. This is not a great long term solution.

Use Case

Protecting a Cognito endpoint with CAPTCHA.

Proposed Solution

The best is to have a CAPTCHA error type that can be caught and properly handled in the front end.

Other Information

No response

Acknowledgements

• I may be able to implement this feature request
• This feature might incur a breaking change

SDK version used

v4

Environment details (OS name and version, etc.)

Mac

[smilkuri]

@achrafsouk
SDK Version Clarification:
The AWS SDK for JavaScript only has v2 and v3 versions. Could you please confirm which version you're using?

Additional Information Needed:
To help us investigate this issue, could you provide:

1. Minimal code example showing how you're making the Cognito request
2. Complete error object you receive (including error code, message, and any additional properties) and the Expected behavior vs Observed behavior.

[achrafsouk]

Sorry it was a typo, I meant v3.

Here's a code snippet https://github.com/achrafsouk/cognito-signup-page/blob/2a25122e18c65721065d766b9cbf70e992e1e3c9/src/index.js#L85

Instead of a generic error, I'd like to catch a specific exception when a 405 response code is received due to a CAPTCHA in AWS WAF, such as CaptchaRequestedException

[aBurmeseDev]

Hi @achrafsouk - a list of service exceptions for this command can be found on this API docs. I'm not sure which one you're looking to catch but SDK probably won't be able to add custom exception.

[github-actions]

This issue has not received a response in 1 week. If you still think there is a problem, please leave a comment to avoid the issue from automatically closing.

[achrafsouk]

Hello @aBurmeseDev

The error that the SDK should catch corresponds to a 405 error code, returned by Cognito when the associated WAF WebACL is requesting a valid CAPTCHA token, which usually prompt the frontend to trigger a CAPTCHA UI.

This is a valid use case that should be caught by a specific Exception so that the frontend can know that it's related to CAPTCHA and renders the CAPTCHA appropriately.

[aBurmeseDev]

I'm sorry I'm not following your use case here. Which specific exception are you asking SDK to catch and which service exception is being returned by Cognito? Could you elaborate further? You may look at these service exceptions messages and catch the specific one like you're doing in your code. But note that none of the messages include "captcha".