Server error codes
Proposal
It would be great if the server lib had codes for errors. There are such error codes for the frontend: https://github.com/MasterKale/SimpleWebAuthn/pull/367.
Consider an example:
- you want to run some logic if the counter is lower than expected,
- and you want to run other logic if the origin mismatches
- else rethrow
I want it to look like this in my code:
```ts
try {
  const verification = await verifyAuthenticationResponse({
    ...
  });
} catch (error) {
  // Proposed: error is a WebAuthnError exposing a `code` property
  // (TypeScript does not allow a type annotation on the catch variable)
  if (error.code === 'COUNTER_TOO_LOW') {
    // logout user
    // delete passkey
  } else if (error.code === 'ORIGIN_MISMATCH') {
    throw new Error("I'm a teapot");
  } else {
    throw error;
  }
}
```
Just say what you think about it generally and we can start discussing implementation details. I want to contribute.
P.S.: thank you for such a great library
Hello @Mykhailo-Sichkaruk, thanks for the suggestion! This is a great idea, I see how it'd be nice to bring some order to the many more errors that @simplewebauthn/server might raise. I'll begin thinking about this and try to implement a custom error like @simplewebauthn/browser's WebAuthnError from #367 like you called out... 🤔
Thanks for considering this feature 😊 I'm also thinking about how we can improve error handling.
I have a related idea: grouping errors to handle not just one error but a set of related errors.
For example, a PublicKeyError category could group all public key-related issues, such as:
- PublicKeyMissingAlgError
- PublicKeyInvalidAlgError
- other
This could be implemented with inheritance:
```ts
class PublicKeyError extends WebAuthnError {}
class PublicKeyInvalidAlgError extends PublicKeyError {}
```
Or, alternatively, using a list of error codes:
```ts
const PublicKeyErrors = ['public_key_invalid_alg', 'public_key_missing_alg', ...];
```
This can help not only in handling errors, but also in helping users of the lib understand how errors relate to each other and how they should be handled.
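
An added example, not part of the thread and not SimpleWebAuthn's API: a sketch of how the two proposals above (a `code` on each error, and grouping by a list of codes) could combine in a relying party's handler. The `WebAuthnError` class, `verifyStub`, the `Assertion` shape and the outcome names are all hypothetical; only the code strings come from the posts.

```typescript
// Hypothetical codes: the first two names are from the issue's snippet,
// the public_key_* names from the grouping proposal.
const PUBLIC_KEY_CODES = ['public_key_invalid_alg', 'public_key_missing_alg'] as const;
type ErrorCode = 'COUNTER_TOO_LOW' | 'ORIGIN_MISMATCH' | (typeof PUBLIC_KEY_CODES)[number];

// Hypothetical server-side error carrying a stable, machine-readable code.
class WebAuthnError extends Error {
  code: ErrorCode;
  constructor(code: ErrorCode, message: string) {
    super(message);
    this.name = 'WebAuthnError';
    this.code = code;
  }
}

// Group membership via a code list, so no subclass hierarchy is required.
function isPublicKeyError(err: WebAuthnError): boolean {
  return PUBLIC_KEY_CODES.some((c) => c === err.code);
}

interface Assertion { origin: string; expectedOrigin: string; counter: number; storedCounter: number }
// Constructed stand-in for the library's verification call (two checks only).
function verifyStub(a: Assertion): void {
  if (a.origin !== a.expectedOrigin) {
    throw new WebAuthnError('ORIGIN_MISMATCH', `unexpected origin ${a.origin}`);
  }
  // A counter that fails to increase can indicate a cloned authenticator.
  if ((a.counter > 0 || a.storedCounter > 0) && a.counter <= a.storedCounter) {
    throw new WebAuthnError('COUNTER_TOO_LOW', `counter ${a.counter} <= ${a.storedCounter}`);
  }
}

type Outcome = 'ok' | 'logout_and_delete_passkey' | 'reject_request' | 'reject_unsupported_key';

// Branch on error.code; anything unrecognised is rethrown, never swallowed.
function decide(err: unknown): Outcome {
  if (!(err instanceof WebAuthnError)) throw err;
  if (err.code === 'COUNTER_TOO_LOW') return 'logout_and_delete_passkey';
  if (err.code === 'ORIGIN_MISMATCH') return 'reject_request';
  if (isPublicKeyError(err)) return 'reject_unsupported_key';
  throw err;
}

function authenticate(a: Assertion): Outcome {
  try {
    verifyStub(a);
    return 'ok';
  } catch (err) { return decide(err); }
}
```

Branching on a code rather than on the message text keeps the security-relevant responses (revoking a credential after a counter regression, refusing a foreign origin) stable when error wording changes.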