module.exports = authenticationRequestError const { RequestError } = require('@octokit/request-error') function authenticationRequestError (state, error, options) { if (!error.headers) throw error const otpRequired = /required/.test(error.headers['x-github-otp'] || '') // handle "2FA required" error only if (error.status !== 401 || !otpRequired) { throw error } if (error.status === 401 && otpRequired && error.request && error.request.headers['x-github-otp']) { if (state.otp) { delete state.otp // no longer valid, request again } else { throw new RequestError('Invalid one-time password for two-factor authentication', 401, { headers: error.headers, request: options }) } } if (typeof state.auth.on2fa !== 'function') { throw new RequestError('2FA required, but options.on2fa is not a function. See https://github.com/octokit/rest.js#authentication', 401, { headers: error.headers, request: options }) } return Promise.resolve() .then(() => { return state.auth.on2fa() }) .then((oneTimePassword) => { const newOptions = Object.assign(options, { headers: Object.assign(options.headers, { 'x-github-otp': oneTimePassword }) }) return state.octokit.request(newOptions) .then(response => { // If OTP still valid, then persist it for following requests state.otp = oneTimePassword return response }) }) }