From 24848bc889cfc0a8313c2b3e378ac0d625b9bc16 Mon Sep 17 00:00:00 2001
From: Balaga Gayatri
Date: Tue, 21 Jun 2022 16:44:24 +0530
Subject: [PATCH] Error handling for token permissions (#235)
---
 action.yml | 2 +-
 lib/main.js | 22 ++++++++++++----------
 src/main.ts | 22 ++++++++++++----------
 3 files changed, 25 insertions(+), 21 deletions(-)
diff --git a/action.yml b/action.yml
index 93467b50..3dc2ae9e 100644
--- a/action.yml
+++ b/action.yml
@@ -34,5 +34,5 @@ branding:
 icon: 'login.svg'
 color: 'blue'
 runs:
- using: 'node12'
+ using: 'node16'
 main: 'lib/main.js'
diff --git a/lib/main.js b/lib/main.js
index c2ed27af..26f5b274 100644
--- a/lib/main.js
+++ b/lib/main.js
@@ -132,17 +132,19 @@ function main() {
 // OIDC specific checks
 if (enableOIDC) {
 console.log('Using OIDC authentication...');
- //generating ID-token
- let audience = core.getInput('audience', { required: false });
- federatedToken = yield core.getIDToken(audience);
- if (!!federatedToken) {
- if (environment != "azurecloud")
- throw new Error(`Your current environment - "${environment}" is not supported for OIDC login.`);
- let [issuer, subjectClaim] = yield jwtParser(federatedToken);
- console.log("Federated token details: \n issuer - " + issuer + " \n subject claim - " + subjectClaim);
+ try {
+ //generating ID-token
+ let audience = core.getInput('audience', { required: false });
+ federatedToken = yield core.getIDToken(audience);
+ if (!!federatedToken) {
+ if (environment != "azurecloud")
+ throw new Error(`Your current environment - "${environment}" is not supported for OIDC login.`);
+ let [issuer, subjectClaim] = yield jwtParser(federatedToken);
+ console.log("Federated token details: \n issuer - " + issuer + " \n subject claim - " + subjectClaim);
+ }
 }
- else {
- throw new Error("Could not get ID token for authentication.");
+ catch (error) {
+ core.error(`${error.message.split(':')[1]}. Please make sure to give write permissions to id-token in the workflow.`);
 }
 }
 // Attempting Az cli login
diff --git a/src/main.ts b/src/main.ts
index 49473977..860bce29 100644
--- a/src/main.ts
+++ b/src/main.ts
@@ -110,17 +110,19 @@ async function main() {
 // OIDC specific checks
 if (enableOIDC) {
 console.log('Using OIDC authentication...')
- //generating ID-token
- let audience = core.getInput('audience', { required: false });
- federatedToken = await core.getIDToken(audience);
- if (!!federatedToken) {
- if (environment != "azurecloud")
- throw new Error(`Your current environment - "${environment}" is not supported for OIDC login.`);
- let [issuer, subjectClaim] = await jwtParser(federatedToken);
- console.log("Federated token details: \n issuer - " + issuer + " \n subject claim - " + subjectClaim);
+ try {
+ //generating ID-token
+ let audience = core.getInput('audience', { required: false });
+ federatedToken = await core.getIDToken(audience);
+ if (!!federatedToken) {
+ if (environment != "azurecloud")
+ throw new Error(`Your current environment - "${environment}" is not supported for OIDC login.`);
+ let [issuer, subjectClaim] = await jwtParser(federatedToken);
+ console.log("Federated token details: \n issuer - " + issuer + " \n subject claim - " + subjectClaim);
+ }
 }
- else {
- throw new Error("Could not get ID token for authentication.");
+ catch (error) {
+ core.error(`${error.message.split(':')[1]}. Please make sure to give write permissions to id-token in the workflow.`);
 }
 }
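Review bot: The added `catch` logs through `core.error` and then falls through, so a failed `core.getIDToken` call no longer stops `main()` and execution reaches the Azure CLI login with `federatedToken` unset; `core.error` only writes an annotation, it does not fail the step. The `try` also wraps the unsupported-environment `throw`, whose message has no colon, so `error.message.split(':')[1]` renders as `undefined` and the id-token hint misreports the cause; and with the `else` removed, an empty token is silently accepted. I would keep the hint but fail closed: log the whole `error.message`, add `throw error;` after the `core.error(...)` call, and move the environment check outside the `try`. The same change is mirrored in the compiled `lib/main.js` hunk. `main()` continues outside this hunk, so whether a later check rejects the missing token is not visible here.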