Skip to content

Commit

Permalink
Merge pull request #236 from auth0/normalize-aggregate-error
Browse files Browse the repository at this point in the history
AggregateError#message from `Issuer.discover` includes stack trace
  • Loading branch information
adamjmcgrath authored Jan 13, 2021
2 parents 6557001 + 494e70c commit 5c6ef50
Show file tree
Hide file tree
Showing 2 changed files with 30 additions and 2 deletions.
18 changes: 17 additions & 1 deletion src/auth0-session/client.ts
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,17 @@ function sortSpaceDelimitedString(str: string): string {
return str.split(' ').sort().join(' ');
}

// Issuer.discover throws an `AggregateError` in some cases, this error includes the stack trace in the
// message which causes the stack to be exposed when reporting the error in production. Am using the non standard
// `_errors` property to identify the polyfilled `AggregateError`
// See https://github.com/sindresorhus/aggregate-error/issues/4#issuecomment-488356468
function normalizeAggregateError(e: Error | (Error & { _errors: Error[] })): Error {
if ('_errors' in e) {
return e._errors[0];
}
return e;
}

export default function get(config: Config, { name, version }: Telemetry): ClientFactory {
let client: Client | null = null;

Expand Down Expand Up @@ -54,7 +65,12 @@ export default function get(config: Config, { name, version }: Telemetry): Clien
};

applyHttpOptionsCustom(Issuer);
const issuer = await Issuer.discover(config.issuerBaseURL);
let issuer: Issuer<Client>;
try {
issuer = await Issuer.discover(config.issuerBaseURL);
} catch (e) {
throw normalizeAggregateError(e);
}
applyHttpOptionsCustom(issuer);

const issuerTokenAlgs = Array.isArray(issuer.id_token_signing_alg_values_supported)
Expand Down
14 changes: 13 additions & 1 deletion tests/auth0-session/client.test.ts
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
import nock from 'nock';
import { Client } from 'openid-client';
import { Client, Issuer } from 'openid-client';
import { getConfig, clientFactory, ConfigParameters } from '../../src/auth0-session';
import { jwks } from './fixtures/cert';
import pkg from '../../package.json';
Expand Down Expand Up @@ -132,4 +132,16 @@ describe('clientFactory', function () {
})
).resolves.not.toThrow();
});

it('should not disclose stack trace in AggregateError message when discovery fails', async () => {
nock.cleanAll();
nock('https://op.example.com').get('/.well-known/oauth-authorization-server').reply(500);
nock('https://op.example.com').get('/.well-known/openid-configuration').reply(500);
await expect(getClient()).rejects.toThrowError(new Error('expected 200 OK, got: 500 Internal Server Error'));
});

it('should not normalize individual errors from discovery', async () => {
jest.spyOn(Issuer, 'discover').mockRejectedValue(new Error('foo'));
await expect(getClient()).rejects.toThrowError(new Error('foo'));
});
});

0 comments on commit 5c6ef50

Please sign in to comment.