UNPKG

@okta/okta-signin-widget

Version:

The Okta Sign-In Widget

github.com/okta/okta-signin-widget

okta/okta-signin-widget

129 lines (102 loc) 3.43 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
import { loc } from './loc'; import { AuthSdkError, OAuthError as SdkOAuthError} from '@okta/okta-auth-js'; import { OAuthError } from './Errors'; import { ErrorDetails } from '../types/errors'; type ErrorTraits = 'inline' | 'terminal'; type ErrorType = { [key in ErrorTraits]?: boolean; }; class InlineErrorType implements ErrorType { inline = true; } class TerminalErrorType implements ErrorType { terminal = true; } class TypedOAuthError<T extends ErrorType> extends OAuthError { errorType: T; orginalError: AuthSdkError | SdkOAuthError; errorDetails: ErrorDetails constructor(originalError: AuthSdkError | SdkOAuthError, errorTypeCtor: new () => T) { super(originalError.message); this.errorType = new errorTypeCtor(); this.orginalError = originalError; this.errorDetails = { errorSummary: this.getErrorSummary(), errorCode: originalError.errorCode, errorCauses: 'errorCauses' in originalError ? originalError.errorCauses : undefined, } } protected getErrorSummary() { return this.orginalError.errorSummary; } public is(errorTrait: ErrorTraits) { return Boolean(Object.getOwnPropertyDescriptor(this.errorType, errorTrait as PropertyKey)?.value); } } class RecoverableError<T extends ErrorType> extends TypedOAuthError<T> { } class NonRecoverableError<T extends ErrorType> extends TypedOAuthError<T> { } class ClockDriftError extends RecoverableError<TerminalErrorType> { constructor(error: AuthSdkError | SdkOAuthError) { super(error, TerminalErrorType); } getErrorSummary(): string { return loc('error.unsynced.clock', 'login'); } } class UserNotAssignedError extends RecoverableError<InlineErrorType> { constructor(error: AuthSdkError | SdkOAuthError) { super(error, InlineErrorType); } } class JITProfileProvisioningError extends RecoverableError<InlineErrorType> { constructor(error: AuthSdkError | SdkOAuthError) { super(error, InlineErrorType); } getErrorSummary(): string { return loc('error.jit_failure', 'login'); } } class MfaRequiredError extends NonRecoverableError<InlineErrorType> { constructor(error: AuthSdkError | SdkOAuthError) { super(error, InlineErrorType); } getErrorSummary(): string { return loc('error.mfa.required', 'login'); } } function getTypedOAuthError(error: AuthSdkError | SdkOAuthError) { switch(error.errorCode) { case 'access_denied': return new UserNotAssignedError(error); case 'jit_failure_missing_fields': case 'jit_failure_invalid_login_format': case 'jit_failure_values_not_match_pattern': case 'jit_failure_values_too_long': case 'jit_failure_invalid_locale': return new JITProfileProvisioningError(error); case 'login_required': const mfaRequiredMsg = 'The client specified not to prompt, but the client app requires re-authentication or MFA.'; if (error.message === mfaRequiredMsg) { return new MfaRequiredError(error); } case 'INTERNAL': const clockDriftMsg = 'The JWT was issued in the future'; if (error.message === clockDriftMsg) { return new ClockDriftError(error); } default: return new RecoverableError(error, Object); } } export { RecoverableError, NonRecoverableError, JITProfileProvisioningError, ClockDriftError, UserNotAssignedError, MfaRequiredError, TypedOAuthError, getTypedOAuthError }