Skip to content

Commit 4b9a506

Browse files
joaquim-vergesjoaquim-verges
authored
[service-utils] Improve 403 error messages with team and project details (#7114)
1 parent 77da352 commit 4b9a506

File tree

3 files changed

+12
-7
lines changed

3 files changed

+12
-7
lines changed

.changeset/blue-mice-prove.md

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,5 @@
1+
---
2+
"@thirdweb-dev/service-utils": patch
3+
---
4+
5+
Better error messages for 403 responses

packages/service-utils/src/core/authorize/service.test.ts

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -31,8 +31,8 @@ describe("authorizeService", () => {
3131
// biome-ignore lint/suspicious/noExplicitAny: test only
3232
) as any;
3333
expect(result.authorized).toBe(false);
34-
expect(result.errorMessage).toBe(
35-
"Invalid request: Unauthorized service: nebula. You can view the restrictions for this team in your dashboard: https://thirdweb.com",
34+
expect(result.errorMessage).toContain(
35+
"Invalid request: Unauthorized service: nebula",
3636
);
3737
expect(result.errorCode).toBe("SERVICE_UNAUTHORIZED");
3838
expect(result.status).toBe(403);
@@ -52,8 +52,8 @@ describe("authorizeService", () => {
5252
// biome-ignore lint/suspicious/noExplicitAny: test only
5353
) as any;
5454
expect(result.authorized).toBe(false);
55-
expect(result.errorMessage).toBe(
56-
"Invalid request: Unauthorized action: storage unauthorized-action. You can view the restrictions on this API key in your dashboard: https://thirdweb.com/create-api-key",
55+
expect(result.errorMessage).toContain(
56+
"Invalid request: Unauthorized action: storage unauthorized-action",
5757
);
5858
expect(result.errorCode).toBe("SERVICE_ACTION_UNAUTHORIZED");
5959
expect(result.status).toBe(403);

packages/service-utils/src/core/authorize/service.ts

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,7 @@ export function authorizeService(
1919
if (!team.enabledScopes.includes(serviceConfig.serviceScope)) {
2020
return {
2121
authorized: false,
22-
errorMessage: `Invalid request: Unauthorized service: ${serviceConfig.serviceScope}. You can view the restrictions for this team in your dashboard: https://thirdweb.com`,
22+
errorMessage: `Invalid request: Unauthorized service: ${serviceConfig.serviceScope} for team: ${team.name} (${team.id}). You can view the restrictions for this team in your dashboard: https://thirdweb.com`,
2323
errorCode: "SERVICE_UNAUTHORIZED",
2424
status: 403,
2525
};
@@ -42,7 +42,7 @@ export function authorizeService(
4242
if (!service) {
4343
return {
4444
authorized: false,
45-
errorMessage: `Invalid request: Unauthorized service: ${serviceConfig.serviceScope}. You can view the restrictions on this project in your dashboard: https://thirdweb.com`,
45+
errorMessage: `Invalid request: Unauthorized service: ${serviceConfig.serviceScope} for project: ${project.name} (${project.publishableKey}). You can view the restrictions on this project in your dashboard: https://thirdweb.com`,
4646
errorCode: "SERVICE_UNAUTHORIZED",
4747
status: 403,
4848
};
@@ -56,7 +56,7 @@ export function authorizeService(
5656
if (!isActionAllowed) {
5757
return {
5858
authorized: false,
59-
errorMessage: `Invalid request: Unauthorized action: ${serviceConfig.serviceScope} ${serviceConfig.serviceAction}. You can view the restrictions on this API key in your dashboard: https://thirdweb.com/create-api-key`,
59+
errorMessage: `Invalid request: Unauthorized action: ${serviceConfig.serviceScope} ${serviceConfig.serviceAction} for project: ${project.name} (${project.publishableKey}). You can view the restrictions on this API key in your dashboard: https://thirdweb.com/create-api-key`,
6060
errorCode: "SERVICE_ACTION_UNAUTHORIZED",
6161
status: 403,
6262
};

0 commit comments

Comments
 (0)