fix(idp): add invalid_credentials error + fix typos (#344)

* fix(idp): add invalid_credentials error * chore(idp): regenerate docs
kouprlabs · Oct 2, 2024 · 84436d8 · 84436d8
1 parent f9113a1
commit 84436d8
Show file tree

Hide file tree

Showing 6 changed files with 20 additions and 15 deletions.
diff --git a/idp/.prettierignore b/idp/.prettierignore
@@ -1,2 +1,3 @@
 dist
-templates/**/*.hbs
+docs
+templates/**/*.hbs
diff --git a/idp/bun.lockb b/idp/bun.lockb
diff --git a/idp/package.json b/idp/package.json
@@ -5,7 +5,7 @@
   "private": true,
   "scripts": {
     "start": "bun src/app.ts",
-    "dev": "nodemon --exec ts-node -r tsconfig-paths/register src/app.ts",
+    "dev": "bun src/app.ts",
     "tsc": "tsc --noEmit",
     "format": "prettier --write .",
     "swagger-autogen": "bun ./swagger.js",
@@ -50,10 +50,8 @@
     "@types/uuid": "9.0.8",
     "eslint": "9.3.0",
     "globals": "15.3.0",
-    "nodemon": "3.1.0",
     "prettier": "3.2.5",
     "swagger-autogen": "2.23.7",
-    "ts-node": "10.9.2",
     "tsconfig-paths": "4.2.0",
     "typescript": "5.4.5",
     "typescript-eslint": "7.9.0"

diff --git a/idp/src/app.ts b/idp/src/app.ts
@@ -13,11 +13,11 @@ import cors from 'cors'
 import express from 'express'
 import logger from 'morgan'
 import passport from 'passport'
-import { Strategy as JwtStrategy, ExtractJwt } from 'passport-jwt'
+import { ExtractJwt, Strategy as JwtStrategy } from 'passport-jwt'
 import accountRouter from '@/account/router'
 import { getConfig } from '@/config/config'
 import healthRouter from '@/health/router'
-import { errorHandler } from '@/infra/error'
+import { ErrorCode, errorHandler, newError, newResponse } from '@/infra/error'
 import tokenRouter from '@/token/router'
 import userRepo from '@/user/repo'
 import userRouter from '@/user/router'
@@ -46,7 +46,10 @@ passport.use(
         const user = await userRepo.findByID(payload.sub)
         return done(null, user)
       } catch {
-        return done(null, false)
+        return done(
+          newResponse(newError({ code: ErrorCode.InvalidCredentials })),
+          false,
+        )
       }
     },
   ),

diff --git a/idp/src/infra/error.ts b/idp/src/infra/error.ts
@@ -17,7 +17,8 @@ export enum ErrorCode {
   InvalidUsernameOrPassword = 'invalid_username_or_password',
   InvalidPassword = 'invalid_password',
   InvalidJwt = 'invalid_jwt',
-  EmailNotConfimed = 'email_not_confirmed',
+  InvalidCredentials = 'invalid_credentials',
+  EmailNotConfirmed = 'email_not_confirmed',
   RefreshTokenExpired = 'refresh_token_expired',
   InvalidRequest = 'invalid_request',
   UnsupportedGrantType = 'unsupported_grant_type',
@@ -37,7 +38,8 @@ const statuses: { [key: string]: number } = {
   [ErrorCode.InvalidUsernameOrPassword]: 401,
   [ErrorCode.InvalidPassword]: 401,
   [ErrorCode.InvalidJwt]: 401,
-  [ErrorCode.EmailNotConfimed]: 401,
+  [ErrorCode.InvalidCredentials]: 401,
+  [ErrorCode.EmailNotConfirmed]: 401,
   [ErrorCode.RefreshTokenExpired]: 401,
   [ErrorCode.InvalidRequest]: 400,
   [ErrorCode.UnsupportedGrantType]: 400,
@@ -51,9 +53,10 @@ const statuses: { [key: string]: number } = {
 
 const userMessages: { [key: string]: string } = {
   [ErrorCode.UsernameUnavailable]: 'Email belongs to an existing user.',
-  [ErrorCode.EmailNotConfimed]: 'Email not confirmed.',
+  [ErrorCode.EmailNotConfirmed]: 'Email not confirmed.',
   [ErrorCode.InvalidPassword]: 'Invalid password.',
   [ErrorCode.InvalidUsernameOrPassword]: 'Invalid username or password.',
+  [ErrorCode.InvalidCredentials]: 'Invalid credentials.',
   [ErrorCode.UserSuspended]: 'User suspended.',
   [ErrorCode.MissingPermission]: 'You are not an console',
   [ErrorCode.OrphanError]: 'You cannot suspend last console',
@@ -91,7 +94,7 @@ export function newError(options: ErrorOptions): ErrorData {
   const userMessage =
     options.userMessage ||
     userMessages[options.code] ||
-    'Oops! something went wrong'
+    'Oops! something went wrong.'
   return {
     code: options.code,
     status: statuses[options.code],

diff --git a/idp/src/token/service.ts b/idp/src/token/service.ts
@@ -34,7 +34,7 @@ export type TokenExchangeOptions = {
 }
 
 export async function exchange(options: TokenExchangeOptions): Promise<Token> {
-  validateParemeters(options)
+  validateParameters(options)
   // https://datatracker.ietf.org/doc/html/rfc6749#section-4.3
   if (options.grant_type === 'password') {
     let user: User
@@ -44,7 +44,7 @@ export async function exchange(options: TokenExchangeOptions): Promise<Token> {
       throw newError({ code: ErrorCode.InvalidUsernameOrPassword })
     }
     if (!user.isEmailConfirmed) {
-      throw newError({ code: ErrorCode.EmailNotConfimed })
+      throw newError({ code: ErrorCode.EmailNotConfirmed })
     }
     if (!user.isActive) {
       throw newError({ code: ErrorCode.UserSuspended })
@@ -64,7 +64,7 @@ export async function exchange(options: TokenExchangeOptions): Promise<Token> {
       throw newError({ code: ErrorCode.InvalidUsernameOrPassword })
     }
     if (!user.isEmailConfirmed) {
-      throw newError({ code: ErrorCode.EmailNotConfimed })
+      throw newError({ code: ErrorCode.EmailNotConfirmed })
     }
     if (new Date() >= new Date(user.refreshTokenExpiry)) {
       throw newError({ code: ErrorCode.RefreshTokenExpired })
@@ -78,7 +78,7 @@ export const checkAdmin = (jwt) => {
     throw newError({ code: ErrorCode.MissingPermission })
 }
 
-function validateParemeters(options: TokenExchangeOptions) {
+function validateParameters(options: TokenExchangeOptions) {
   if (!options.grant_type) {
     throw newError({
       code: ErrorCode.InvalidRequest,