From d5647ea905cf8590c845fa495fb1c8b8a99bdb61 Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Thu, 21 Oct 2021 13:37:21 -0600 Subject: [PATCH] docs: update errors list --- README.md | 29 ++++++++++++++--------------- 1 file changed, 14 insertions(+), 15 deletions(-) diff --git a/README.md b/README.md index 2b880b1..27d28f0 100644 --- a/README.md +++ b/README.md @@ -276,26 +276,25 @@ For now you can limit the number of keys fetched by having a simple whitelist. SemVer Compatibility: - `code` & `status` will remain the same. -- The `message` property of an error is **NOT** included in the semver compatibility guarantee (we intend to make them more client-friendly), neither is `detail` at this time (but it will be once we decide on what it should be). - -For backwards compatibility with v1, the non-stringified `message` is the same as what it was in v1 (and the v2 message is `client_message`, which replaces `message` in v3). Don't rely on it. Rely on `code`. +- `message` is **NOT** included in the semver compatibility guarantee (we intend to make them more client-friendly), neither is `detail` at this time (but it will be once we decide on what it should be). +- `details` may be added to, but not subtracted from | Hint | Code | Status | Message (truncated) | | ------------------- | --------------- | ------ | ------------------------------------------------ | | (developer error) | DEVELOPER_ERROR | 500 | test... | | (bad gateway) | BAD_GATEWAY | 502 | The token could not be verified because our s... | -| (insecure issuer) | MALFORMED_JWT | 400 | 'test' is NOT secure. Set env 'KEYFETCH_ALLOW... | -| (parse error) | MALFORMED_JWT | 400 | could not parse jwt: 'test'... | -| (no issuer) | MALFORMED_JWT | 400 | 'iss' is not defined... | -| (malformed exp) | MALFORMED_JWT | 400 | token's 'exp' has passed or could not parsed:... | -| (expired) | INVALID_JWT | 401 | token's 'exp' has passed or could not parsed:... | -| (inactive) | INVALID_JWT | 401 | token's 'nbf' has not been reached or could n... | -| (bad signature) | INVALID_JWT | 401 | token signature verification was unsuccessful... | -| (jwk not found old) | INVALID_JWT | 401 | Retrieved a list of keys, but none of them ma... | -| (jwk not found) | INVALID_JWT | 401 | No JWK found by kid or thumbprint 'test'... | -| (no jwkws uri) | INVALID_JWT | 401 | Failed to retrieve openid configuration... | -| (unknown issuer) | INVALID_JWT | 401 | token was issued by an untrusted issuer: 'tes... | -| (failed claims) | INVALID_JWT | 401 | token did not match on one or more authorizat... | +| (insecure issuer) | MALFORMED_JWT | 400 | The token could not be verified because our s... | +| (parse error) | MALFORMED_JWT | 400 | The auth token is malformed.... | +| (no issuer) | MALFORMED_JWT | 400 | The token could not be verified because it do... | +| (malformed exp) | MALFORMED_JWT | 400 | The auth token could not be verified because ... | +| (expired) | INVALID_JWT | 401 | The auth token is expired. To try again, go t... | +| (inactive) | INVALID_JWT | 401 | The auth token isn't valid yet. It's activati... | +| (bad signature) | INVALID_JWT | 401 | The auth token did not pass verification beca... | +| (jwk not found old) | INVALID_JWT | 401 | The auth token did not pass verification beca... | +| (jwk not found) | INVALID_JWT | 401 | The auth token did not pass verification beca... | +| (no jwkws uri) | INVALID_JWT | 401 | The auth token did not pass verification beca... | +| (unknown issuer) | INVALID_JWT | 401 | The auth token did not pass verification beca... | +| (failed claims) | INVALID_JWT | 401 | The auth token did not pass verification beca... | # Change Log