Add WebAuthProvider Rule error message parsing #89
Conversation
| @@ -1550,6 +1584,12 @@ private String createHash(@Nullable String idToken, @Nullable String accessToken | |||
| } | |||
| hash = hash.concat("error=" + error); | |||
| } | |||
| if (errorDescription != null) { | |||
| if (!hash.endsWith("&")) { | |||
There was a problem hiding this comment.
this is working, but I don't think it can ever be false (except if the values end with a & which is wrong).
all these checks should be endsWith("#") just in case all previous values where empty/null.
There was a problem hiding this comment.
I guess i wanted to do that check but got lost and used the same & for comparison. Good catch 👍
| if (errorValue == null) { | ||
| return; | ||
| } | ||
| Log.e(TAG, "Error, access denied. Check that the required Permissions are granted and that the Application has this Connection configured in Auth0 Dashboard."); | ||
| if (ERROR_VALUE_ACCESS_DENIED.equalsIgnoreCase(errorValue)) { | ||
| throw new AuthenticationException(ERROR_VALUE_ACCESS_DENIED, "Permissions were not granted. Try again."); | ||
| } else if (ERROR_VALUE_UNAUTHORIZED.equalsIgnoreCase(errorValue)) { | ||
| throw new AuthenticationException(ERROR_VALUE_UNAUTHORIZED, errorDescription); |
There was a problem hiding this comment.
can errorDescription be null/empty? in the case of a rule error, this is something we don't control, right? it's user defined.
maybe we can add a generic message "Unknown error" in case it's null, just to avoid a null description?
There was a problem hiding this comment.
Yes! If the key doesn't exist on the map, then the returned value will be null. This case is covered by the behavior of the AuthenticationException class. exception.getDescription() will always return a valid message. Maybe instead of checking for null I can use TextUtils.isEmptyString(description) here so it checks for null and empty strings. What do you think?
cac8ce2 to
bced8e5
Compare
d028047 to
4335edd
Compare
Support custom Auth0 Rules error messages and construct a proper exception with the
unauthorizedcode and the given user's description. You might need to update your Rule's script as the error must be an instance ofUnauthorizedError. Check this article for more context.Fixes #87.