feat: allow any 403 response to continue verification (#662)

* feat: allow any 403 response to continue verification * refactor: optional chaining --------- Co-authored-by: Shane McLaughlin <[email protected]>
salesforcecli · Dec 1, 2023 · 84fff9e · 84fff9e
1 parent ceda9ea
commit 84fff9e
Show file tree

Hide file tree

Showing 2 changed files with 51 additions and 1 deletion.
diff --git a/src/shared/installationVerification.ts b/src/shared/installationVerification.ts
@@ -469,7 +469,7 @@ export async function doInstallationCodeSigningVerification(
     verificationConfig.log(`Successfully validated digital signature for ${plugin.plugin}.`);
   } catch (err) {
     if (err instanceof Error) {
-      if (err.name === 'NotSigned' || err.message === 'Response code 403 (Forbidden)') {
+      if (err.name === 'NotSigned' || err.message?.includes('Response code 403')) {
         if (!verificationConfig.verifier) {
           throw new Error('VerificationConfig.verifier is not set.');
         }

diff --git a/test/shared/installationVerification.test.ts b/test/shared/installationVerification.test.ts
@@ -685,5 +685,55 @@ describe('InstallationVerification Tests', () => {
         throw err;
       }
     });
+
+    it('continues installation when error message is response code 403 (forbidden)', async () => {
+      const vConfig = new VerificationConfig();
+      vConfig.verifier = {
+        async verify() {
+          const err = new Error();
+          err.message = 'Response code 403 (Forbidden)';
+          throw err;
+        },
+        async isAllowListed() {
+          return false;
+        },
+      } as Verifier;
+
+      stubMethod(sandbox, Prompter.prototype, 'confirm').resolves(true);
+
+      try {
+        await doInstallationCodeSigningVerification({}, BLANK_PLUGIN, vConfig);
+      } catch (e) {
+        assert(e instanceof Error);
+        const err = new Error("this test shouldn't fail.");
+        err.stack = e.stack;
+        throw err;
+      }
+    });
+
+    it('continues installation when error message contains response code 403', async () => {
+      const vConfig = new VerificationConfig();
+      vConfig.verifier = {
+        async verify() {
+          const err = new Error();
+          err.message = 'Response code 403 (OtherReason)';
+          throw err;
+        },
+        async isAllowListed() {
+          return false;
+        },
+      } as Verifier;
+
+      stubMethod(sandbox, Prompter.prototype, 'confirm').resolves(true);
+
+      try {
+        await doInstallationCodeSigningVerification({}, BLANK_PLUGIN, vConfig);
+      } catch (e) {
+        assert(e instanceof Error);
+        const err = new Error("this test shouldn't fail.");
+        err.stack = e.stack;
+        throw err;
+      }
+    });
   });
 });