Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Server error codes #646

Open
Mykhailo-Sichkaruk opened this issue Nov 28, 2024 · 2 comments
Open

Server error codes #646

Mykhailo-Sichkaruk opened this issue Nov 28, 2024 · 2 comments

Comments

@Mykhailo-Sichkaruk
Copy link

Mykhailo-Sichkaruk commented Nov 28, 2024
edited
Loading

Proposal

It would be great if server lib had codes for errors.
There are such error codes for frontend - #367 .

Consider example -

  • you want to run some logic if counter is lower than expected,
  • and you want to run another logic if origin mismathes
  • else rethrow

I want to it to look like this in my code:

			try {
				const verification = await verifyAuthenticationResponse({
				...
				});
			} catch (error: WebAuthnError) {
			        if (error.code === 'COUNTER_TOO_LOW') {
			            // logout user
			            // delete passkey
			        } else if (error.code === 'ORIGIN_MISMATCH'){
			            throw new Error('I'm a teapot');
                                } else {
                                    throw error;
                                }
			}

Just say what do you think about it generally and we can start discussing implementation details.
I want to contribute.

P.S.: thank you for such great library
@MasterKale
Copy link
Owner

Hello @Mykhailo-Sichkaruk, thanks for the suggestion! This is a great idea, I see how it'd be nice to bring some order to the many more errors that @simplewebauthn/server might raise. I'll begin thinking about this and try to implement a custom error like @simplewebauthn/browser's WebAuthnError from #367 like you called out... 🤔

@Mykhailo-Sichkaruk
Copy link
Author

Thanks for considering this feature 😊
I'm also thinking how we can improve error handling

I have a related idea: grouping errors to handle not just one error but set of related errors.

For example, a PublicKeyError category could group all public key-related issues, such as:

  • PublicKeyMissingAlgError
  • PublicKeyInvalidAlgError
  • other

This could be implemented with inheritance:

class PublicKeyError extends WebAuthnError {}
class PublicKeyInvalidAlgError extends PublicKeyError {}

Or, alternatively, using a list of error codes:

const PublicKeyErrors = ['public_key_invalid_alg', 'public_key_missing_alg', ...];

This can help not only in handling errors, but also in understanding for users of the lib how errors relate to each other and how they should be handled.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@MasterKale @Mykhailo-Sichkaruk