refactor: handle potential errors during ky requests in koa-auth midd…

…leware (#6112)
logto-io · Jun 27, 2024 · 811de6b · 811de6b
1 parent a5b1f00
commit 811de6b
Showing 1 changed file with 11 additions and 0 deletions.
diff --git a/packages/core/src/middleware/koa-auth/index.ts b/packages/core/src/middleware/koa-auth/index.ts
@@ -6,6 +6,7 @@ import type { JWK } from 'jose';
 import { createLocalJWKSet, jwtVerify } from 'jose';
 import type { MiddlewareType, Request } from 'koa';
 import type { IMiddleware, IRouterParamContext } from 'koa-router';
+import { HTTPError } from 'ky';
 import { z } from 'zod';
 
 import { EnvSet } from '#src/env-set/index.js';
@@ -106,6 +107,16 @@ export const verifyBearerTokenFromRequest = async (
  throw error;
  }
 
+ /**
+ * Handle potential errors when ky makes requests during validation
+ * This may occur when fetching OIDC configuration from the oidc-config endpoint
+ * `TypeError`: typically thrown when the fetch operation fails (e.g., network issues)
+ * `HTTPError`: thrown by ky for non-2xx responses
+ */
+ if (error instanceof TypeError || error instanceof HTTPError) {
+ throw error;
+ }
+
  throw new RequestError({ code: 'auth.unauthorized', status: 401 }, error);
  }
 };