Error handling in Bluescape

Amerehei · October 25, 2023, 8:37pm

I would like to know what is the proper way to handle error of GraphQL.
I have sent my request via ApolloClient in TS with an invalid access token to rise an error

The HTTP status code is 200 OK and the response is

{
    "errors": [
        {
            "message": "Token verification failed: invalid signature",
            "path": [
                "elements"
            ]
        }
    ],
    "data": {
        "elements": null
    }
}

I expected whether get 401 Unauthorized or a code inside error message like

{
    "errors": [
        {
            "code": "Unauthorized",
             "message": "Token verification failed: invalid signature",    
            "path": [
                "elements"
            ]
        }
    ],
    "data": {
        "elements": null
    }
}

So I can detect that the token is expired by comparing code==='Unauthorized'
I don’t think it’s safe to detect it from message as they are human readable messages and subject to change

My question is:

In case of server error, how can I detect error type. e.g. to execute refresh token procedure
Is it safe to simply retry in all errors except authorization and bad request errors?

kkoechley · October 26, 2023, 12:38pm

Hi @Amerehei,

This is a good question - and might be a bug. Let me investigate and I will get back to you.

Amerehei · November 6, 2023, 4:20pm

@kkoechley Any updates?

kkoechley · November 7, 2023, 6:26pm

hi @Amerehei,

Sorry for the delay, but this is currently scheduled for December release.

In the meantime, if you want a workaround to verify tokens, you can either look at the decoded jwt token to get the expiration date, or you can make a simple call using our ISAM user Management APIs which do not have the missing statusCode.

An example of an ISAM call is to lookup profile information for the user who authorized the bearer token:

query getMyProfile{
   me {
        profile{
            firstName
            lastName
            id
            email
            invitationStatus
            applicationRole{
                name
                id
                permissions
            }
        }
        organizations{
            results{
                name
                id
                
                defaultOrganizationUserRole{
                    id
                    name
                    isCustom
                }
            }
        }
    }
}

with a 401 response:

{
    "errors": [
        {
            "message": "User authentication failed",
            "path": [
                "me"
            ],
            "extensions": {
                "code": "UNAUTHENTICATED",
                "requestId": "48be1270-aebd-46b7-af00-a6a6bd5c6946",
                "statusCode": 401
            }
        }
    ],
    "data": null
}

Amerehei · November 7, 2023, 8:10pm

What would happen after December release? How can I detect error like 401?

kkoechley · November 7, 2023, 8:59pm

Hi @Amerehei,

I believe you should be able to find the error as a statusCode as shown in my example response.

system · December 7, 2023, 9:00pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.