express-jwt-authz icon indicating copy to clipboard operation
express-jwt-authz copied to clipboard
verified publisher icon auth0

Customizable error messages

Open kaushalmk90 opened this issue 5 years ago • 2 comments

Please do not report security vulnerabilities here. The Responsible Disclosure Program details the procedure for disclosing security issues.

Thank you in advance for helping us to improve this library! Your attention to detail here is greatly appreciated and will help us respond as quickly as possible. For general support or usage questions, use the Auth0 Community or Auth0 Support. Finally, to avoid duplicates, please search existing Issues before submitting one here.

By submitting an Issue to this repository, you agree to the terms within the Auth0 Code of Conduct.

Describe the problem you'd like to have solved

Currently there is only one Error Message 'Insufficient scope' There should be an option for more.

Describe the ideal solution

Include an additional AuthzOptionslike customErrorMessage and use that if option is set.

Alternatives and current work-arounds

No work-around right now.

Additional context

This could be useful for external APIs to provide a meaningful error message.

kaushalmk90 avatar Aug 14 '20 17:08 kaushalmk90

You could try setting failWithError as true and then catch in a middleware. ;)

import jwtAuthz, {AuthzScopes, AuthzOptions} from 'express-jwt-authz';
export const hasScope = (scopes:AuthzScopes, options?:AuthzOptions)=>
{
  return jwtAuthz(scopes, {failWithError: true, ...options});
};

iquirino avatar Nov 21 '20 02:11 iquirino

You could try setting failWithError as true and then catch in a middleware. ;)

import jwtAuthz, {AuthzScopes, AuthzOptions} from 'express-jwt-authz';
export const hasScope = (scopes:AuthzScopes, options?:AuthzOptions)=>
{
  return jwtAuthz(scopes, {failWithError: true, ...options});
};

This works :)

Ian-Kibet avatar Apr 29 '21 20:04 Ian-Kibet