fix: add check for new access_denied error

kiva · May 21, 2024 · 05576eb · 05576eb
1 parent ff1396c
commit 05576eb
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 4 deletions.
diff --git a/server/auth-router.js b/server/auth-router.js
@@ -165,8 +165,8 @@ module.exports = function authRouter(config = {}) {
 
 			// Handle errors
 			if (req.query.error && !silentAuth) {
-				// Re-attempt login with the login form forced to display if unauthorized error happened
-				if (req.query.error === 'unauthorized') {
+				// Re-attempt login with the login form forced to display if unauthorized/access_denied error happened
+				if (req.query.error === 'unauthorized' || req.query.error === 'access_denied') {
 					req.query = {}; // Remove query params from previous auth attempt
 					return passport.authenticate('auth0', {
 						audience: config.auth0.apiAudience,

diff --git a/src/util/KvAuth0.js b/src/util/KvAuth0.js
@@ -288,7 +288,10 @@ export default class KvAuth0 {
 				this.webAuth.checkSession({}, (err, result) => {
 					if (err) {
 						this[setAuthData]();
-						if (err.error === 'login_required' || err.error === 'unauthorized') {
+						if (err.error === 'login_required'
+							|| err.error === 'unauthorized'
+							|| err.error === 'access_denied'
+						) {
 							// User is not logged in, so continue without authentication
 							this[noteLoggedOut]();
 							resolve();
@@ -364,5 +367,5 @@ export const MockKvAuth0 = {
 	checkSession: () => Promise.resolve({}),
 	popupLogin: () => Promise.resolve({}),
 	popupCallback: () => Promise.resolve({}),
-	onError: () => {},
+	onError: () => { },
 };