forked from awslabs/aws-jwt-verify
-
Notifications
You must be signed in to change notification settings - Fork 0
/
error.ts
141 lines (106 loc) · 3.25 KB
/
error.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
import { JwtHeader, JwtPayload } from "./jwt-model.js";
/**
* Base Error for all other errors in this file
*/
export abstract class JwtBaseError extends Error {}
/**
* Interface for an error that is raised because an actual value does not match with the expected value
*/
interface AssertionError extends JwtBaseError {
failedAssertion: {
actual: unknown;
expected?: string | string[];
};
}
/**
* Constructor interface for AssertionError
*/
export interface AssertionErrorConstructor {
new (
msg: string,
actual: unknown,
expected?: string | string[]
): AssertionError;
}
/**
* An error that is raised because an actual value does not match with the expected value
*/
export class FailedAssertionError extends JwtBaseError {
failedAssertion: {
actual: unknown;
expected?: string | string[];
};
constructor(msg: string, actual: unknown, expected?: string | string[]) {
super(msg);
this.failedAssertion = {
actual,
expected,
};
}
}
/**
* JWT errors
*/
export class JwtParseError extends JwtBaseError {
constructor(msg: string, error?: unknown) {
const message = error != null ? `${msg}: ${error}` : msg;
super(message);
}
}
export class ParameterValidationError extends JwtBaseError {}
export class JwtInvalidSignatureError extends JwtBaseError {}
export class JwtInvalidSignatureAlgorithmError extends FailedAssertionError {}
interface RawJwt {
header: JwtHeader;
payload: JwtPayload;
}
export abstract class JwtInvalidClaimError extends FailedAssertionError {
public rawJwt?: RawJwt;
public withRawJwt<T extends JwtInvalidClaimError>(
this: T,
{ header, payload }: RawJwt
): T {
this.rawJwt = {
header,
payload,
};
return this;
}
}
export class JwtInvalidIssuerError extends JwtInvalidClaimError {}
export class JwtInvalidAudienceError extends JwtInvalidClaimError {}
export class JwtInvalidScopeError extends JwtInvalidClaimError {}
export class JwtExpiredError extends JwtInvalidClaimError {}
export class JwtNotBeforeError extends JwtInvalidClaimError {}
/**
* Amazon Cognito specific erros
*/
export class CognitoJwtInvalidGroupError extends JwtInvalidClaimError {}
export class CognitoJwtInvalidTokenUseError extends JwtInvalidClaimError {}
export class CognitoJwtInvalidClientIdError extends JwtInvalidClaimError {}
/**
* ASN.1 errors
*/
export class Asn1DecodingError extends JwtBaseError {}
/**
* JWK errors
*/
export class JwksValidationError extends JwtBaseError {}
export class JwkValidationError extends JwtBaseError {}
export class JwtWithoutValidKidError extends JwtBaseError {}
export class KidNotFoundInJwksError extends JwtBaseError {}
export class WaitPeriodNotYetEndedJwkError extends JwtBaseError {}
export class JwksNotAvailableInCacheError extends JwtBaseError {}
export class JwkInvalidUseError extends FailedAssertionError {}
export class JwkInvalidKtyError extends FailedAssertionError {}
/**
* HTTPS fetch errors
*/
export class FetchError extends JwtBaseError {
constructor(uri: string, msg: unknown) {
super(`Failed to fetch ${uri}: ${msg}`);
}
}
export class NonRetryableFetchError extends FetchError {}