From 2f25861d15aefa868042e70d3e21b7b38a6ae679 Mon Sep 17 00:00:00 2001 From: Elias Schneider Date: Wed, 7 Jan 2026 11:30:37 +0100 Subject: [PATCH] feat: improve passkey error messages --- frontend/messages/en.json | 6 +++++- frontend/src/lib/utils/error-util.ts | 11 +++++++---- 2 files changed, 12 insertions(+), 5 deletions(-) diff --git a/frontend/messages/en.json b/frontend/messages/en.json index 99e9198c..4833e334 100644 --- a/frontend/messages/en.json +++ b/frontend/messages/en.json @@ -46,7 +46,11 @@ "authenticator_does_not_support_resident_keys": "The authenticator does not support resident keys", "passkey_was_previously_registered": "This passkey was previously registered", "authenticator_does_not_support_any_of_the_requested_algorithms": "The authenticator does not support any of the requested algorithms", - "authenticator_timed_out": "The authenticator timed out", + "webauthn_error_invalid_rp_id": "The configured relying party ID is invalid.", + "webauthn_error_invalid_domain": "The configured domain is invalid.", + "contact_administrator_to_fix": "Contact your administrator to fix this issue.", + "webauthn_operation_not_allowed_or_timed_out": "The operation was not allowed or timed out", + "webauthn_not_supported_by_browser": "Passkeys are not supported by this browser. Please use an alternative sign in method.", "critical_error_occurred_contact_administrator": "A critical error occurred. Please contact your administrator.", "sign_in_to": "Sign in to {name}", "client_not_found": "Client not found", diff --git a/frontend/src/lib/utils/error-util.ts b/frontend/src/lib/utils/error-util.ts index 66c3a221..d3f7e7c8 100644 --- a/frontend/src/lib/utils/error-util.ts +++ b/frontend/src/lib/utils/error-util.ts @@ -33,14 +33,17 @@ export function getWebauthnErrorMessage(e: unknown) { ERROR_AUTHENTICATOR_PREVIOUSLY_REGISTERED: m.passkey_was_previously_registered(), ERROR_AUTHENTICATOR_NO_SUPPORTED_PUBKEYCREDPARAMS_ALG: m.authenticator_does_not_support_any_of_the_requested_algorithms(), - ERROR_USER_DISABLED_MSG: m.user_disabled() + ERROR_INVALID_DOMAIN: `${m.webauthn_error_invalid_domain()} ${m.contact_administrator_to_fix()}`, + ERROR_INVALID_RP_ID: `${m.webauthn_error_invalid_rp_id()} ${m.contact_administrator_to_fix()}`, + NotSupportedError: m.webauthn_not_supported_by_browser(), + NotAllowedError: m.webauthn_operation_not_allowed_or_timed_out() }; - let message = m.an_unknown_error_occurred(); + let message: string = m.an_unknown_error_occurred(); if (e instanceof WebAuthnError && e.code in errors) { message = errors[e.code as keyof typeof errors]; - } else if (e instanceof WebAuthnError && e?.message.includes('timed out')) { - message = m.authenticator_timed_out(); + } else if (e instanceof WebAuthnError && e.cause instanceof Error && e.cause.name in errors) { + message = errors[e.cause.name as keyof typeof errors]; } else if (e instanceof AxiosError && e.response?.data.error) { message = e.response?.data.error; } else {