Intercept hawk errors, transform into custom format.

2013-10-24 19:36:27 +11:00 · 2013-10-24 19:36:27 +11:00 · 5d3eca31dc
--- a/error.js
+++ b/error.js
@ -6,13 +6,36 @@ var DEFAULTS = {
  info: 'https://github.com/mozilla/picl-idp/blob/master/docs/api.md#response-format'
 }

+// Wrap an object into a Boom error response.
+// If the object does not have an 'errno' attribute, this function
+// tries to intuit the appropriate details of the error.  It's ugly
+// but it's better than monkey-patching e.g. the Hawk auth lib to
+// send errors in the desired format.
+
 Boom.wrap = function (object) {
  object = Hoek.applyToDefaults(DEFAULTS, object)
+  if (typeof object.errno === 'undefined') {
+    // Decode errors generated by Hawk auth lib.
+    if (object.code == 401) {
+      if (object.message == 'Unknown credentials') {
+        object = Boom.invalidToken().response.payload
+      } else if (object.message == 'Invalid credentials') {
+        object = Boom.invalidToken().response.payload
+      } else if (object.message == 'Stale timestamp') {
+        object = Boom.invalidTimestamp().response.payload
+      } else {
+        object = Boom.invalidSignature().response.payload
+      }
+    }
+  }
  var b = new Boom(object.code, object.message)
  Hoek.merge(b.response.payload, object);
  return b
 }

+
+// Helper functions for creating particular response types.
+
 Boom.accountExists = function (email) {
  return Boom.wrap({
    code: 400,
--- a/server/index.js
+++ b/server/index.js
@ -6,6 +6,6 @@ var path = require('path')
 var url = require('url')
 var Hapi = require('hapi')
 var toobusy = require('toobusy')
-var error = require('./error')
+var error = require('../error')

 module.exports = require('./server')(path, url, Hapi, toobusy, error)
--- a/server/server.js
+++ b/server/server.js
@ -119,7 +119,7 @@ module.exports = function (path, url, Hapi, toobusy, error) {
        var response = request.response()
        if (response.isBoom) {
          if (!response.response.payload.errno) {
-            response.response.payload.errno = response.response.payload.code
+            response = error.wrap(response.response.payload);
          }
          if (config.env !== 'production') {
            response.response.payload.log = request.app.traced
@ -143,7 +143,7 @@ module.exports = function (path, url, Hapi, toobusy, error) {
            }
          )
        }
-        next()
+        next(response)
    })

    server.on(
--- a/test/run/integration_tests.js
+++ b/test/run/integration_tests.js
@ -332,7 +332,7 @@ function main() {
            t.end()
          },
          function (err) {
-            t.equal(err.errno, 401, 'session is invalid')
+            t.equal(err.errno, 110, 'session is invalid')
            t.end()
          }
        )
--- a/test/run/verification_tests.js
+++ b/test/run/verification_tests.js
@ -336,7 +336,7 @@ function main() {
            t.fail('reset password with invalid token')
          },
          function (err) {
-            t.equal(err.message, 'Unknown credentials', 'token is now invalid')
+            t.equal(err.message, 'Invalid authentication token in request signature', 'token is now invalid')
          }
        )
        .done(