bitwarden/browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser synced 2025-12-12 22:33:35 +00:00
Code Issues Releases Wiki Activity

[PM-1165] Handle personal API login errors [cli] (#4866)

Browse Source 
* Handle personal API login errors [cli]

* Revert misguided generic error handling tweak

* Only handle invalid_client errors

Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>

* Typo fix

---------

Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>
This commit is contained in:
Josh Richards
2023-03-07 13:53:28 -05:00
committed by GitHub
parent a16d02b39d
commit d7a94c140f
1 changed files with 37 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

50
apps/cli/src/auth/commands/login.command.ts
View File

@@ -77,6 +77,12 @@ export class LoginCommand {
const apiIdentifiers = await this.apiIdentifiers(); const apiIdentifiers = await this.apiIdentifiers();
clientId = apiIdentifiers.clientId; clientId = apiIdentifiers.clientId;
clientSecret = apiIdentifiers.clientSecret; clientSecret = apiIdentifiers.clientSecret;
if (clientId == null || clientId.trim() === "") {
return Response.badRequest("client_id is required.");
}
if (clientSecret == null || clientSecret === "") {
return Response.badRequest("client_secret is required.");
}
} else if (options.sso != null && this.canInteract) { } else if (options.sso != null && this.canInteract) {
const passwordOptions: any = { const passwordOptions: any = {
type: "password", type: "password",
@@ -161,9 +167,23 @@ export class LoginCommand {
if (!clientId.startsWith("user")) { if (!clientId.startsWith("user")) {
return Response.error("Invalid API Key; Organization API Key currently not supported"); return Response.error("Invalid API Key; Organization API Key currently not supported");
} }
response = await this.authService.logIn( try {
new UserApiLogInCredentials(clientId, clientSecret) response = await this.authService.logIn(
); new UserApiLogInCredentials(clientId, clientSecret)
);
} catch (e) {
// handle API key login failures
// Handle invalid client error as server doesn't return a useful message
if (
e?.response?.error &&
typeof e.response.error === "string" &&
e.response.error === "invalid_client"
) {
return Response.badRequest("client_id or client_secret is incorrect. Try again.");
}
// Pass error up to be handled by the outer catch block below
throw e;
}
} else if (ssoCode != null && ssoCodeVerifier != null) { } else if (ssoCode != null && ssoCodeVerifier != null) {
response = await this.authService.logIn( response = await this.authService.logIn(
new SsoLogInCredentials( new SsoLogInCredentials(
@@ -547,16 +567,20 @@ export class LoginCommand {
let clientSecret: string = null; let clientSecret: string = null;
const storedClientSecret: string = this.clientSecret || process.env.BW_CLIENTSECRET; const storedClientSecret: string = this.clientSecret || process.env.BW_CLIENTSECRET;
if (this.canInteract && storedClientSecret == null) { if (storedClientSecret == null) {
const answer: inquirer.Answers = await inquirer.createPromptModule({ if (this.canInteract) {
output: process.stderr, const answer: inquirer.Answers = await inquirer.createPromptModule({
})({ output: process.stderr,
type: "input", })({
name: "clientSecret", type: "input",
message: name: "clientSecret",
(isAdditionalAuthentication ? additionalAuthenticationMessage : "") + "client_secret:", message:
}); (isAdditionalAuthentication ? additionalAuthenticationMessage : "") + "client_secret:",
clientSecret = answer.clientSecret; });
clientSecret = answer.clientSecret;
} else {
clientSecret = null;
}
} else { } else {
clientSecret = storedClientSecret; clientSecret = storedClientSecret;
} }