summaryrefslogtreecommitdiffhomepage
path: root/packages/browser/src/helpers/identifyRegistrationError.ts
diff options
context:
space:
mode:
Diffstat (limited to 'packages/browser/src/helpers/identifyRegistrationError.ts')
-rw-r--r--packages/browser/src/helpers/identifyRegistrationError.ts83
1 files changed, 55 insertions, 28 deletions
diff --git a/packages/browser/src/helpers/identifyRegistrationError.ts b/packages/browser/src/helpers/identifyRegistrationError.ts
index 57bfe51..4649fb9 100644
--- a/packages/browser/src/helpers/identifyRegistrationError.ts
+++ b/packages/browser/src/helpers/identifyRegistrationError.ts
@@ -20,31 +20,46 @@ export function identifyRegistrationError({
if (error.name === 'AbortError') {
if (options.signal === new AbortController().signal) {
// https://www.w3.org/TR/webauthn-2/#sctn-createCredential (Step 16)
- return new WebAuthnError('Registration ceremony was sent an abort signal', error);
+ return new WebAuthnError({
+ message: 'Registration ceremony was sent an abort signal',
+ code: 'ERROR_CEREMONY_ABORTED',
+ cause: error,
+ });
}
} else if (error.name === 'ConstraintError') {
if (publicKey.authenticatorSelection?.requireResidentKey === true) {
// https://www.w3.org/TR/webauthn-2/#sctn-op-make-cred (Step 4)
- return new WebAuthnError(
- 'Discoverable credentials were required but no available authenticator supported it',
- error,
- );
+ return new WebAuthnError({
+ message: 'Discoverable credentials were required but no available authenticator supported it',
+ code: 'ERROR_AUTHENTICATOR_MISSING_DISCOVERABLE_CREDENTIAL_SUPPORT',
+ cause: error,
+ });
} else if (publicKey.authenticatorSelection?.userVerification === 'required') {
// https://www.w3.org/TR/webauthn-2/#sctn-op-make-cred (Step 5)
- return new WebAuthnError(
- 'User verification was required but no available authenticator supported it',
- error,
- );
+ return new WebAuthnError({
+ message: 'User verification was required but no available authenticator supported it',
+ code: 'ERROR_AUTHENTICATOR_MISSING_USER_VERIFICATION_SUPPORT',
+ cause: error,
+ });
}
} else if (error.name === 'InvalidStateError') {
// https://www.w3.org/TR/webauthn-2/#sctn-createCredential (Step 20)
// https://www.w3.org/TR/webauthn-2/#sctn-op-make-cred (Step 3)
- return new WebAuthnError('The authenticator was previously registered', error);
+ return new WebAuthnError({
+ message: 'The authenticator was previously registered',
+ code: 'ERROR_AUTHENTICATOR_PREVIOUSLY_REGISTERED',
+ cause: error
+ });
} else if (error.name === 'NotAllowedError') {
/**
* Pass the error directly through. Platforms are overloading this error beyond what the spec
* defines and we don't want to overwrite potentially useful error messages.
*/
+ return new WebAuthnError({
+ message: error.message,
+ code: 'ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY',
+ cause: error,
+ });
} else if (error.name === 'NotSupportedError') {
const validPubKeyCredParams = publicKey.pubKeyCredParams.filter(
param => param.type === 'public-key',
@@ -52,41 +67,53 @@ export function identifyRegistrationError({
if (validPubKeyCredParams.length === 0) {
// https://www.w3.org/TR/webauthn-2/#sctn-createCredential (Step 10)
- return new WebAuthnError(
- 'No entry in pubKeyCredParams was of type "public-key"',
- error,
- );
+ return new WebAuthnError({
+ message: 'No entry in pubKeyCredParams was of type "public-key"',
+ code: 'ERROR_MALFORMED_PUBKEYCREDPARAMS',
+ cause: error,
+ });
}
// https://www.w3.org/TR/webauthn-2/#sctn-op-make-cred (Step 2)
- return new WebAuthnError(
- 'No available authenticator supported any of the specified pubKeyCredParams algorithms',
- error,
- );
+ return new WebAuthnError({
+ message: 'No available authenticator supported any of the specified pubKeyCredParams algorithms',
+ code: 'ERROR_AUTHENTICATOR_NO_SUPPORTED_PUBKEYCREDPARAMS_ALG',
+ cause: error,
+ });
} else if (error.name === 'SecurityError') {
const effectiveDomain = window.location.hostname;
if (!isValidDomain(effectiveDomain)) {
// https://www.w3.org/TR/webauthn-2/#sctn-createCredential (Step 7)
- return new WebAuthnError(`${window.location.hostname} is an invalid domain`, error);
+ return new WebAuthnError({
+ message: `${window.location.hostname} is an invalid domain`,
+ code: 'ERROR_INVALID_DOMAIN',
+ cause: error
+ });
} else if (publicKey.rp.id !== effectiveDomain) {
// https://www.w3.org/TR/webauthn-2/#sctn-createCredential (Step 8)
- return new WebAuthnError(
- `The RP ID "${publicKey.rp.id}" is invalid for this domain`,
- error,
- );
+ return new WebAuthnError({
+ message: `The RP ID "${publicKey.rp.id}" is invalid for this domain`,
+ code: 'ERROR_INVALID_RP_ID',
+ cause: error,
+ });
}
} else if (error.name === 'TypeError') {
if (publicKey.user.id.byteLength < 1 || publicKey.user.id.byteLength > 64) {
// https://www.w3.org/TR/webauthn-2/#sctn-createCredential (Step 5)
- return new WebAuthnError('User ID was not between 1 and 64 characters', error);
+ return new WebAuthnError({
+ message: 'User ID was not between 1 and 64 characters',
+ code: 'ERROR_INVALID_USER_ID_LENGTH',
+ cause: error,
+ });
}
} else if (error.name === 'UnknownError') {
// https://www.w3.org/TR/webauthn-2/#sctn-op-make-cred (Step 1)
// https://www.w3.org/TR/webauthn-2/#sctn-op-make-cred (Step 8)
- return new WebAuthnError(
- 'The authenticator was unable to process the specified options, or could not create a new credential',
- error,
- );
+ return new WebAuthnError({
+ message: 'The authenticator was unable to process the specified options, or could not create a new credential',
+ code: 'ERROR_AUTHENTICATOR_GENERAL_ERROR',
+ cause: error,
+ });
}
return error;
generated by cgit v1.2.3 (git 2.39.1) at 2025-04-21 21:46:22 +0000