putting id-token generation in try catch block

2026-06-08 10:47:06 +00:00 · 2022-06-16 17:22:49 +05:30 · 2022-06-16 17:22:49 +05:30 · 6143ae0900
commit 6143ae0900
parent 11ff950770
2 changed files with 25 additions and 21 deletions
--- a/lib/main.js
+++ b/lib/main.js
@ -132,17 +132,19 @@ function main() {
            // OIDC specific checks
            if (enableOIDC) {
                console.log('Using OIDC authentication...');
-                //generating ID-token
-                let audience = core.getInput('audience', { required: false });
-                federatedToken = yield core.getIDToken(audience);
-                if (!!federatedToken) {
-                    if (environment != "azurecloud")
-                        throw new Error(`Your current environment - "${environment}" is not supported for OIDC login.`);
-                    let [issuer, subjectClaim] = yield jwtParser(federatedToken);
-                    console.log("Federated token details: \n issuer - " + issuer + " \n subject claim - " + subjectClaim);
+                try {
+                    //generating ID-token
+                    let audience = core.getInput('audience', { required: false });
+                    federatedToken = yield core.getIDToken(audience);
+                    if (!!federatedToken) {
+                        if (environment != "azurecloud")
+                            throw new Error(`Your current environment - "${environment}" is not supported for OIDC login.`);
+                        let [issuer, subjectClaim] = yield jwtParser(federatedToken);
+                        console.log("Federated token details: \n issuer - " + issuer + " \n subject claim - " + subjectClaim);
+                    }
                }
-                else {
-                    throw new Error("Could not get ID token for authentication.");
+                catch (error) {
+                    core.error(`${error.message.split(':')[1]}. Please make sure to give write permissions to id-token in the workflow.`);
                }
            }
            // Attempting Az cli login
@ -239,4 +241,4 @@ function jwtParser(federatedToken) {
        return [decodedPayload['iss'], decodedPayload['sub']];
    });
 }
-main();
+main();
--- a/src/main.ts
+++ b/src/main.ts
@ -110,17 +110,19 @@ async function main() {
        // OIDC specific checks
        if (enableOIDC) {
            console.log('Using OIDC authentication...')
-            //generating ID-token
-            let audience = core.getInput('audience', { required: false });
-            federatedToken = await core.getIDToken(audience);
-            if (!!federatedToken) {
-                if (environment != "azurecloud")
-                    throw new Error(`Your current environment - "${environment}" is not supported for OIDC login.`);
-                let [issuer, subjectClaim] = await jwtParser(federatedToken);
-                console.log("Federated token details: \n issuer - " + issuer + " \n subject claim - " + subjectClaim);
+            try {
+                //generating ID-token
+                let audience = core.getInput('audience', { required: false });
+                federatedToken = await core.getIDToken(audience);
+                if (!!federatedToken) {
+                    if (environment != "azurecloud")
+                        throw new Error(`Your current environment - "${environment}" is not supported for OIDC login.`);
+                    let [issuer, subjectClaim] = await jwtParser(federatedToken);
+                    console.log("Federated token details: \n issuer - " + issuer + " \n subject claim - " + subjectClaim);
+                }
            }
-            else {
-                throw new Error("Could not get ID token for authentication.");
+            catch (error) {
+                core.error(`${error.message.split(':')[1]}. Please make sure to give write permissions to id-token in the workflow.`);
            }
        }