From 75c0468abe252396343a532329ff6dc988fabc52 Mon Sep 17 00:00:00 2001 From: Xiao Yijun Date: Wed, 26 Jun 2024 15:22:41 +0800 Subject: [PATCH] refactor: handle potential errors during ky requests in koa-auth middleware (#6112) --- packages/core/src/middleware/koa-auth/index.ts | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/packages/core/src/middleware/koa-auth/index.ts b/packages/core/src/middleware/koa-auth/index.ts index 826e784ef07..bcfd39d290a 100644 --- a/packages/core/src/middleware/koa-auth/index.ts +++ b/packages/core/src/middleware/koa-auth/index.ts @@ -6,6 +6,7 @@ import type { JWK } from 'jose'; import { createLocalJWKSet, jwtVerify } from 'jose'; import type { MiddlewareType, Request } from 'koa'; import type { IMiddleware, IRouterParamContext } from 'koa-router'; +import { HTTPError } from 'ky'; import { z } from 'zod'; import { EnvSet } from '#src/env-set/index.js'; @@ -106,6 +107,16 @@ export const verifyBearerTokenFromRequest = async ( throw error; } + /** + * Handle potential errors when ky makes requests during validation + * This may occur when fetching OIDC configuration from the oidc-config endpoint + * `TypeError`: typically thrown when the fetch operation fails (e.g., network issues) + * `HTTPError`: thrown by ky for non-2xx responses + */ + if (error instanceof TypeError || error instanceof HTTPError) { + throw error; + } + throw new RequestError({ code: 'auth.unauthorized', status: 401 }, error); } };