
Commit 2adec15

committed
fix error handling
1 parent e35b2da commit 2adec15


5 files changed

+29
-25
lines changed


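--- a/src/index.js
+++ b/src/index.js
@@ -3,7 +3,7 @@ const { GrantManager } = require('keycloak-auth-utils')
 const KeycloakToken = require('keycloak-auth-utils/lib/token')
 const cache = require('./cache')
 const token = require('./token')
-const { error, fakeToolkit, verify } = require('./utils')
+const { raiseError, errors, fakeToolkit, verify } = require('./utils')
 const pkg = require('../package.json')
 
 /**
@@ -48,10 +48,11 @@ async function verifySignedJwt (tkn) {
 * @throws {Error} If token is invalid
 */
 async function introspect (tkn) {
-const res = await manager.validateAccessToken(tkn)
-
-if (res === false) {
-throw Error(error.msg.invalid)
+try {
+const isValid = await manager.validateAccessToken(tkn)
+if (isValid === false) throw Error(errors.invalid)
+} catch (err) {
+throw Error(errors.invalid)
 }
 
 return tkn
@@ -69,9 +70,15 @@ async function introspect (tkn) {
 * @throws {Error} If request failed or token is invalid
 */
 async function getRpt (tkn) {
-const { data } = await axios.get(`${options.realmUrl}/authz/entitlement/${options.clientId}`, {
-headers: { authorization: `bearer ${tkn}` }
-})
+let data = {}
+
+try {
+({ data } = await axios.get(`${options.realmUrl}/authz/entitlement/${options.clientId}`, {
+headers: { authorization: `bearer ${tkn}` }
+}))
+} catch (err) {
+throw Error(errors.rpt)
+}
 
 return data.rpt
 }
@@ -111,7 +118,7 @@ async function handleKeycloakValidation (tkn, h) {
 await cache.set(store, tkn, userData, expiresIn)
 return h.authenticated(userData)
 } catch (err) {
-throw error('unauthorized', null, error.msg.invalid)
+throw raiseError('unauthorized', err, errors.invalid)
 }
 }
 
@@ -131,7 +138,7 @@ async function validate (field, h = (data) => data) {
 const reply = fakeToolkit(h)
 
 if (!tkn) {
-throw error('unauthorized', error.msg.missing)
+throw raiseError('unauthorized', null, errors.missing)
 }
 
 const cached = await cache.get(store, tkn)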
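Review bot: Passing `err` into `raiseError` in the `handleKeycloakValidation` catch puts the message of whatever was thrown into the 401 `WWW-Authenticate` header; the updated specs in this commit now expect `invalid token (expired)` and `Retrieving the RPT failed` there. The `try` opens outside the hunk, but `cache.set` is visible inside it, so a cache or other internal failure message would presumably reach the client the same way. Consider returning only messages this module defines and logging the rest server-side, e.g. `const known = Object.values(errors).includes(err.message)` followed by `throw raiseError('unauthorized', null, known ? err.message : errors.invalid)`. The new `catch` blocks in `introspect` and `getRpt` also discard `err`, so a Keycloak outage and a rejected token look identical to operators; logging the cause before rethrowing would help triage.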

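--- a/src/utils.js
+++ b/src/utils.js
@@ -73,18 +73,14 @@ function verify (opts) {
 * @param {string} msg The error message
 * @returns {Boom} The created `Boom` error
 */
-function error (type, err, msg) {
-return boom[type](err ? err.message || err.toString() : msg, 'Bearer')
+function raiseError (type, err, msg) {
+return boom[type](err ? err.message : msg, 'Bearer')
 }
 
-/**
-* @type Object
-*
-* Error messages
-*/
-error.msg = {
+const errors = {
+invalid: 'Invalid credentials',
 missing: 'Missing or invalid authorization header',
-invalid: 'Invalid credentials'
+rpt: 'Retrieving the RPT failed'
 }
 
 /**
@@ -105,7 +101,8 @@ function fakeToolkit (h) {
 }
 
 module.exports = {
-error,
+raiseError,
+errors,
 fakeToolkit,
 verify
 }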
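Review bot: `raiseError` ignores the `msg` fallback whenever `err` is truthy but has no usable `message` (a thrown string, a plain object, an `Error` with an empty message), because the removed `err.toString()` branch has no replacement; `boom[type]` then receives `undefined` or `''`. `return boom[type]((err && err.message) || msg, 'Bearer')` keeps the caller's message in those cases. The name also reads as if the function throws, while the JSDoc above and the callers show it returns the `Boom` error; a one-line comment such as `// Builds the Boom error; the caller throws it.` would avoid that confusion.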

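--- a/test/index.entitlement.spec.js
+++ b/test/index.entitlement.spec.js
@@ -84,7 +84,7 @@ test('authentication does fail – invalid token', async (t) => {
 
 t.truthy(res)
 t.is(res.statusCode, 401)
-t.is(res.headers['www-authenticate'], 'Bearer error="Invalid credentials"')
+t.is(res.headers['www-authenticate'], 'Bearer error="Retrieving the RPT failed"')
 })
 
 test('authentication does fail – invalid header', async (t) => {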

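--- a/test/index.verify.spec.js
+++ b/test/index.verify.spec.js
@@ -49,7 +49,7 @@ test('authentication does fail – expired token', async (t) => {
 
 t.truthy(res)
 t.is(res.statusCode, 401)
-t.is(res.headers['www-authenticate'], 'Bearer error="Invalid credentials"')
+t.is(res.headers['www-authenticate'], 'Bearer error="invalid token (expired)"')
 })
 
 test('authentication does fail – invalid header', async (t) => {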

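--- a/test/utils.spec.js
+++ b/test/utils.spec.js
@@ -3,20 +3,20 @@ const test = require('ava')
 const utils = require('../src/utils')
 
 test('get boom error with default message', (t) => {
-const result = utils.error('badRequest')
+const result = utils.raiseError('badRequest')
 t.truthy(result)
 t.deepEqual(result, boom.badRequest(undefined, 'Bearer'))
 })
 
 test('get boom error with default message', (t) => {
-const result = utils.error('badRequest', undefined, 'foobar')
+const result = utils.raiseError('badRequest', undefined, 'foobar')
 t.truthy(result)
 t.deepEqual(result, boom.badRequest('foobar', 'Bearer'))
 })
 
 test('get boom error with error message', (t) => {
 const mockErr = new Error('barfoo')
-const result = utils.error('badRequest', mockErr, 'foobar')
+const result = utils.raiseError('badRequest', mockErr, 'foobar')
 t.truthy(result)
 t.deepEqual(result, boom.badRequest(mockErr.message, 'Bearer'))
 })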
