auth0 / express-openid-connect

An Express.js middleware to protect OpenID Connect web applications.
MIT License

Unable to perform error handling for custom session store. #620

Open YMarumo opened 6 months ago

YMarumo commented 6 months ago

Checklist

Description

We are currently using Express OpenID Connect. We are using a custom session store (Redis) for session management, but we are having trouble controlling the response to users because there is no way to handle errors when an error occurs, such as the Redis server going down.

https://github.com/auth0/express-openid-connect/blob/master/lib/appSession.js#L352-L363

I have looked at the source code, and when an error occurs in the Redis Client, I think the error is caught in the above section. What is the reason why next(error) is not called in this location? We believe that because next(error) is not called at this location, it is not being handled by the error handling middleware we have implemented. If possible, we would like to handle errors picked up here with the error handling middleware we implement and display an arbitrary error screen to the user. If this is difficult, any breakthrough would be appreciated. Thank you in advance.

Reproduction

Step 1: Set up a local Redis server
Step 2: Set up a local Redis server as a custom session store in your app with Express OpenID Connect embedded
Step 3: Launch the app and go to the IdP login screen
Step 4: At this point, shut down the local Redis server
Step 5: Complete end-user authentication with the IdP
Step 6: Naturally, an error occurs because the connection to the Redis server cannot be established, but the error handling middleware cannot handle the error and the screen transition does not occur.

Additional context

No response

express-openid-connect version

2.17.1

Express version

4.17.1

Node.js version

18.20.2

darrenmce commented 1 week ago

running into this today, wish we could let these errors escape
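
One application-side way to get a store outage into Express error-handling middleware, added here as an example; it is not code from this thread or from express-openid-connect. The names `probeStore`, `requireSessionStore`, `PROBE_SID` and the `ESESSIONSTORE` code are hypothetical, and the store is assumed to follow the express-session callback convention `get(sid, callback)`.

```javascript
// Added example. Hypothetical names; assumes an express-session style store
// exposing get(sid, callback).
const PROBE_SID = '__session_store_probe__'; // constructed id, not a real session

// Resolves if the store answers a read within timeoutMs, rejects otherwise.
// The timeout matters: some clients queue commands while disconnected and
// never invoke the callback.
function probeStore(store, timeoutMs = 500) {
  return new Promise((resolve, reject) => {
    const timer = setTimeout(
      () => reject(new Error('session store probe timed out')),
      timeoutMs
    );
    try {
      store.get(PROBE_SID, (err) => {
        clearTimeout(timer);
        if (err) reject(err);
        else resolve();
      });
    } catch (err) {
      clearTimeout(timer);
      reject(err);
    }
  });
}

// Express middleware factory: mount ahead of the middleware that uses the store.
function requireSessionStore(store, opts = {}) {
  return async function sessionStoreGuard(req, res, next) {
    let failure = null;
    try {
      await probeStore(store, opts.timeoutMs);
    } catch (cause) {
      failure = cause;
    }
    if (!failure) return next();
    // Fail closed: hand a 503 to the app's error-handling middleware
    // instead of continuing with a session that cannot be stored.
    const err = new Error('Session store unavailable');
    err.status = 503;
    err.code = 'ESESSIONSTORE';
    err.cause = failure;
    next(err);
  };
}
```

Mounted as `app.use(requireSessionStore(store))` before `auth(...)`, the guard turns an unreachable store into an error the application's own handler can render. It adds one store read per request and does not cover a store that fails between the probe and the later session write.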