-
Notifications
You must be signed in to change notification settings - Fork 212
Expand file tree
/
Copy pathauth-utils.js
More file actions
96 lines (86 loc) · 3.6 KB
/
auth-utils.js
File metadata and controls
96 lines (86 loc) · 3.6 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
/*
* Copyright (c) 2026, salesforce.com, inc.
* All rights reserved.
* SPDX-License-Identifier: BSD-3-Clause
* For full license text, see the LICENSE file in the repo root or https://opensource.org/licenses/BSD-3-Clause
*/
import {defineMessage} from 'react-intl'
import {getAppOrigin} from '@salesforce/pwa-kit-react-sdk/utils/url'
import {getEnvBasePath} from '@salesforce/pwa-kit-runtime/utils/ssr-namespace-paths'
import {
API_ERROR_MESSAGE,
FEATURE_UNAVAILABLE_ERROR_MESSAGE
} from '@salesforce/retail-react-app/app/constants'
import {isAbsoluteURL} from '@salesforce/retail-react-app/app/page-designer/utils'
export const TOO_MANY_LOGIN_ATTEMPTS_ERROR_MESSAGE = defineMessage({
defaultMessage:
'You reached the limit for login attempts. For your security, wait 10 minutes and try again.',
id: 'global.error.too_many_login_attempts'
})
export const TOO_MANY_PASSWORD_RESET_ATTEMPTS_ERROR_MESSAGE = defineMessage({
defaultMessage:
'You reached the limit for password resets. For your security, wait 10 minutes and try again.',
id: 'global.error.too_many_password_reset_requests'
})
// Shared error patterns for token-based auth features (passwordless login, password reset)
const TOKEN_BASED_AUTH_FEATURE_UNAVAILABLE_ERRORS = [
/no callback_uri is registered/i,
/callback_uri doesn't match/i,
/monthly quota/i
]
const PASSWORDLESS_FEATURE_UNAVAILABLE_ERRORS = [
...TOKEN_BASED_AUTH_FEATURE_UNAVAILABLE_ERRORS,
/passwordless permissions error/i,
/client secret is not provided/i
]
const PASSWORD_RESET_FEATURE_UNAVAILABLE_ERRORS = TOKEN_BASED_AUTH_FEATURE_UNAVAILABLE_ERRORS
const TOO_MANY_REQUESTS_ERROR = /too many .* requests/i
/**
* Returns the absolute URL for the passwordless login callback.
* If the callback URI is already absolute, it is returned as-is; otherwise it is
* resolved against the app origin and env base path.
*
* @param {string} [callbackURI] - The callback URI from config (relative or absolute)
* @returns {string|undefined} - The full callback URL, or undefined if callbackURI is falsy
*/
export const getPasswordlessCallbackUrl = (callbackURI) => {
if (!callbackURI) {
return undefined
}
if (isAbsoluteURL(callbackURI)) {
return callbackURI
}
return `${getAppOrigin()}${getEnvBasePath()}${callbackURI}`
}
/**
* Maps an error message to the appropriate user-friendly error message descriptor
* for passwordless login feature errors.
*
* @param {string} errorMessage - The error message from the API
* @returns {Object} - The message descriptor object (from defineMessage) that can be passed to formatMessage
*/
export const getPasswordlessErrorMessage = (errorMessage) => {
if (PASSWORDLESS_FEATURE_UNAVAILABLE_ERRORS.some((msg) => msg.test(errorMessage))) {
return FEATURE_UNAVAILABLE_ERROR_MESSAGE
}
if (TOO_MANY_REQUESTS_ERROR.test(errorMessage)) {
return TOO_MANY_LOGIN_ATTEMPTS_ERROR_MESSAGE
}
return API_ERROR_MESSAGE
}
/**
* Maps an error message to the appropriate user-friendly error message descriptor
* for password reset feature errors.
*
* @param {string} errorMessage - The error message from the API
* @returns {Object} - The message descriptor object (from defineMessage) that can be passed to formatMessage
*/
export const getPasswordResetErrorMessage = (errorMessage) => {
if (PASSWORD_RESET_FEATURE_UNAVAILABLE_ERRORS.some((msg) => msg.test(errorMessage))) {
return FEATURE_UNAVAILABLE_ERROR_MESSAGE
}
if (TOO_MANY_REQUESTS_ERROR.test(errorMessage)) {
return TOO_MANY_PASSWORD_RESET_ATTEMPTS_ERROR_MESSAGE
}
return API_ERROR_MESSAGE
}