Any 403 with AccessDenied message should be omitted (#245)

* Any 403 with AccessDenied message should be omitted These errors appear to continue to bubble up to users. This changes our error-handling to omit any 403 with the string "AccessDenied" in its text when communicating with `federation.api.apollographql.com` * Do not require XML * Update changelog
apollographql · Oct 19, 2020 · 5096a48 · 5096a48
2 parents ea0e636 + d31d2db
commit 5096a48
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 5 deletions.
diff --git a/gateway-js/CHANGELOG.md b/gateway-js/CHANGELOG.md
@@ -4,7 +4,7 @@
 
 > The changes noted within this `vNEXT` section have not been released yet.  New PRs and commits which introduce changes should include an entry in this `vNEXT` section as part of their development.  When a release is being prepared, a new header will be (manually) created below and the appropriate changes within that release will be moved into the new section.
 
-- _Nothing yet! Stay tuned!_
+- Whenever "AccessDenied" 403 error comes from Apollo, provide a useful error message indicating how to resolve the problem. [PR #245](https://github.com/apollographql/federation/pull/245)
 
 ## v0.21.0
 

diff --git a/gateway-js/src/loadServicesFromStorage.ts b/gateway-js/src/loadServicesFromStorage.ts
@@ -81,10 +81,7 @@ function fetchApolloGcs(
       // conditions.  We'll special-case our known errors, and resort to
       // printing the body for others.
       if (
-        response.headers.get('content-type') === 'application/xml' &&
-        response.status === 403 &&
-        body.includes("<Error><Code>AccessDenied</Code>") &&
-        body.includes("Anonymous caller does not have storage.objects.get")
+          response.status === 403 && body.includes("AccessDenied")
       ) {
           throw new Error(
             "Unable to authenticate with Apollo storage " +