forked from actions/setup-maven
62 lines
1.6 KiB
JavaScript
62 lines
1.6 KiB
JavaScript
module.exports = authenticationRequestError;
|
|
|
|
const { RequestError } = require("@octokit/request-error");
|
|
|
|
function authenticationRequestError(state, error, options) {
|
|
if (!error.headers) throw error;
|
|
|
|
const otpRequired = /required/.test(error.headers["x-github-otp"] || "");
|
|
// handle "2FA required" error only
|
|
if (error.status !== 401 || !otpRequired) {
|
|
throw error;
|
|
}
|
|
|
|
if (
|
|
error.status === 401 &&
|
|
otpRequired &&
|
|
error.request &&
|
|
error.request.headers["x-github-otp"]
|
|
) {
|
|
if (state.otp) {
|
|
delete state.otp; // no longer valid, request again
|
|
} else {
|
|
throw new RequestError(
|
|
"Invalid one-time password for two-factor authentication",
|
|
401,
|
|
{
|
|
headers: error.headers,
|
|
request: options
|
|
}
|
|
);
|
|
}
|
|
}
|
|
|
|
if (typeof state.auth.on2fa !== "function") {
|
|
throw new RequestError(
|
|
"2FA required, but options.on2fa is not a function. See https://github.com/octokit/rest.js#authentication",
|
|
401,
|
|
{
|
|
headers: error.headers,
|
|
request: options
|
|
}
|
|
);
|
|
}
|
|
|
|
return Promise.resolve()
|
|
.then(() => {
|
|
return state.auth.on2fa();
|
|
})
|
|
.then(oneTimePassword => {
|
|
const newOptions = Object.assign(options, {
|
|
headers: Object.assign(options.headers, {
|
|
"x-github-otp": oneTimePassword
|
|
})
|
|
});
|
|
return state.octokit.request(newOptions).then(response => {
|
|
// If OTP still valid, then persist it for following requests
|
|
state.otp = oneTimePassword;
|
|
return response;
|
|
});
|
|
});
|
|
}
|