Change handleError to throw or call next if not OAuthError

oauthjs / express-oauth-server

Complete, compliant and well tested module for implementing an OAuth2 Server/Provider with express in node.js

MIT License

484 stars 384 forks source link

Change handleError to throw or call next if not OAuthError #31

Open chainlink opened 8 years ago

chainlink commented 8 years ago

If the error encountered is not expected (ie. not an OAuth Library error) it should re throw the error (or at least pass it to next to be dealt with)

https://github.com/oauthjs/express-oauth-server/blob/master/index.js#L142

I propose checking if it's an instance of https://github.com/oauthjs/node-oauth2-server/blob/master/lib/errors/oauth-error.js

If you agree I can prepare a PR

maxtruxa commented 8 years ago

None of the middlewares exported by OAuth2Server ever return an unknown error type. Unknown errors are always wrapped using ServerError (#authenticate, #authorize, #token).

With #19 merged you can initialize the server like this:

new OAuthServer({
  model: ...,
  useErrorHandler: true
});

which tells express-oauth-server to forward errors using next(err) instead of sending a response by itself.