From 317a312dcf182131a1ae47c38d678c2ca94f7fb1 Mon Sep 17 00:00:00 2001
From: David Luecke <daff@neyeon.com>
Date: Thu, 3 Oct 2019 15:30:44 -0700
Subject: [PATCH] fix: Improve error message when authentication strategy is
 not allowed (#1600)

---
 packages/authentication/src/core.ts       | 8 ++++++--
 packages/authentication/test/core.test.ts | 2 +-
 2 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/packages/authentication/src/core.ts b/packages/authentication/src/core.ts
index a08600a929..49537d5b14 100644
--- a/packages/authentication/src/core.ts
+++ b/packages/authentication/src/core.ts
@@ -211,12 +211,16 @@ export class AuthenticationBase {
   async authenticate (authentication: AuthenticationRequest, params: Params, ...allowed: string[]) {
     const { strategy } = authentication || ({} as AuthenticationRequest);
     const [ authStrategy ] = this.getStrategies(strategy);
+    const strategyAllowed = allowed.includes(strategy);
 
     debug('Running authenticate for strategy', strategy, allowed);
 
-    if (!authentication || !authStrategy || !allowed.includes(strategy)) {
+    if (!authentication || !authStrategy || !strategyAllowed) {
+      const additionalInfo = (!strategy && ' (no `strategy` set)') ||
+        (!strategyAllowed && ' (strategy not allowed in authStrategies)') || '';
+
       // If there are no valid strategies or `authentication` is not an object
-      throw new NotAuthenticated(`Invalid authentication information` + (!strategy ? ' (no `strategy` set)' : ''));
+      throw new NotAuthenticated('Invalid authentication information' + additionalInfo);
     }
 
     return authStrategy.authenticate(authentication, {
diff --git a/packages/authentication/test/core.test.ts b/packages/authentication/test/core.test.ts
index efe40cab66..c79e7b0946 100644
--- a/packages/authentication/test/core.test.ts
+++ b/packages/authentication/test/core.test.ts
@@ -190,7 +190,7 @@ describe('authentication/core', () => {
           assert.fail('Should never get here');
         } catch (error) {
           assert.strictEqual(error.name, 'NotAuthenticated');
-          assert.strictEqual(error.message, 'Invalid authentication information');
+          assert.strictEqual(error.message, 'Invalid authentication information (strategy not allowed in authStrategies)');
         }
       });