Unable to access pending_authentication_token in error response

[joshpensky]

Hi there!

We are testing out not-so-happy paths in our authentication flow, and found an issue with the password auth flow: https://workos.com/docs/reference/user-management/authentication/password

When the user's email is not verified, we expect to receive a email_verification_required error. However, the handle_error_response method in the WorkOS client doesn't pass along the code or pending_authentication_token fields to the default APIError class:

workos-ruby/lib/workos/client.rb

Lines 169 to 173 in 68133ff

	raise APIError.new(
	message: json['message'],
	http_status: http_status,
	request_id: response['x-request-id'],
	)

Could y'all make it so the else case here passes along the code and original error response if available?

Our workaround for now is to drop down to using the REST API via Faraday

[PaulAsjes]

Hi there, thanks for the report. We're looking into this and will report back soon.

[PaulAsjes]

This should now be fixed in v5.0.0!

[vddgil]

Hello there,

It's not fixed. When you use the method authenticate_with_password and you get an error code email_verification_required, a WorkOS::APIError exception is raised and this exception doesn't contain the needed data to continue the flow (pending_authentication_token and email_verification_id)

@PaulAsjes Maybe you could re-open this issue?

[sungwon]

Hi, I am having the same issue. It is not yet fixed. Could you please re-open?

Also, noting that the error response code 403 indicates that the API key used did not have the correct permissions, which is confusing. Most likely it should be a 400.

[sungwon]

I'm currently using a fork of the SDK and added a one-line hack to handle the 403 like a 400 in case this may help others move forward with their integration:
https://github.com/sungwon/workos-ruby/blob/e718dcc539f1a0e11977774cd39fdaf7a07e5f3c/lib/workos/client.rb#L95

[PaulAsjes]

Sorry for the delay here, re-opening so we can fix this.