From edd8e54f6d1c52e0315cd25d82e943348a9bd622 Mon Sep 17 00:00:00 2001
From: Matthew Miller <matthew@millerti.me>
Date: Tue, 28 Feb 2023 22:30:56 -0800
Subject: Update error identification with error codes

---
 .../src/helpers/identifyAuthenticationError.ts     | 35 +++++++++++++++-------
 1 file changed, 25 insertions(+), 10 deletions(-)

(limited to 'packages/browser/src/helpers/identifyAuthenticationError.ts')

diff --git a/packages/browser/src/helpers/identifyAuthenticationError.ts b/packages/browser/src/helpers/identifyAuthenticationError.ts
index d5ba5fa..e617a7d 100644
--- a/packages/browser/src/helpers/identifyAuthenticationError.ts
+++ b/packages/browser/src/helpers/identifyAuthenticationError.ts
@@ -20,32 +20,47 @@ export function identifyAuthenticationError({
   if (error.name === 'AbortError') {
     if (options.signal === new AbortController().signal) {
       // https://www.w3.org/TR/webauthn-2/#sctn-createCredential (Step 16)
-      return new WebAuthnError('Authentication ceremony was sent an abort signal', error);
+      return new WebAuthnError({
+        message: 'Authentication ceremony was sent an abort signal',
+        code: 'ERROR_CEREMONY_ABORTED',
+        cause: error,
+      });
     }
   } else if (error.name === 'NotAllowedError') {
     /**
      * Pass the error directly through. Platforms are overloading this error beyond what the spec
      * defines and we don't want to overwrite potentially useful error messages.
      */
+    return new WebAuthnError({
+      message: error.message,
+      code: 'ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY',
+      cause: error,
+    });
   } else if (error.name === 'SecurityError') {
     const effectiveDomain = window.location.hostname;
     if (!isValidDomain(effectiveDomain)) {
       // https://www.w3.org/TR/webauthn-2/#sctn-discover-from-external-source (Step 5)
-      return new WebAuthnError(`${window.location.hostname} is an invalid domain`, error);
+      return new WebAuthnError({
+        message: `${window.location.hostname} is an invalid domain`,
+        code: 'ERROR_INVALID_DOMAIN',
+        cause: error,
+      });
     } else if (publicKey.rpId !== effectiveDomain) {
       // https://www.w3.org/TR/webauthn-2/#sctn-discover-from-external-source (Step 6)
-      return new WebAuthnError(
-        `The RP ID "${publicKey.rpId}" is invalid for this domain`,
-        error,
-      );
+      return new WebAuthnError({
+        message: `The RP ID "${publicKey.rpId}" is invalid for this domain`,
+        code: 'ERROR_INVALID_RP_ID',
+        cause: error,
+      });
     }
   } else if (error.name === 'UnknownError') {
     // https://www.w3.org/TR/webauthn-2/#sctn-op-get-assertion (Step 1)
     // https://www.w3.org/TR/webauthn-2/#sctn-op-get-assertion (Step 12)
-    return new WebAuthnError(
-      'The authenticator was unable to process the specified options, or could not create a new assertion signature',
-      error,
-    );
+    return new WebAuthnError({
+      message: 'The authenticator was unable to process the specified options, or could not create a new assertion signature',
+      code: 'ERROR_AUTHENTICATOR_GENERAL_ERROR',
+      cause: error,
+    });
   }
 
   return error;
-- 
cgit v1.2.3