egullickson/motovaultpro
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: capture Auth0 error response in WIF token script (refs #127)
All checks were successful
Deploy to Staging / Build Images (pull_request) Successful in 35s
Details
Deploy to Staging / Deploy to Staging (pull_request) Successful in 51s
Details
Deploy to Staging / Verify Staging (pull_request) Successful in 9s
Details
Deploy to Staging / Notify Staging Ready (pull_request) Successful in 7s
Details
Deploy to Staging / Notify Staging Failure (pull_request) Has been skipped
Details

Browse Source 
The set -e + curl --fail-with-body inside $() caused the script to exit
with code 22 and empty stderr, hiding the actual Auth0 error. Switch to
writing the body to a temp file and checking HTTP status manually so the
error response is visible in logs.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Eric Gullickson
2026-02-10 18:41:34 -06:00
parent a416f76c21
commit 7bba28154d
1 changed files with 10 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
ocr/scripts/fetch-auth0-token.sh
View File

@@ -31,7 +31,10 @@ CLIENT_ID=$(cat "$CLIENT_ID_FILE" | tr -d '[:space:]')
CLIENT_SECRET=$(cat "$CLIENT_SECRET_FILE" | tr -d '[:space:]') CLIENT_SECRET=$(cat "$CLIENT_SECRET_FILE" | tr -d '[:space:]')
# Request M2M token from Auth0 # Request M2M token from Auth0
RESPONSE=$(curl -s --fail-with-body \ # Write body to temp file, capture HTTP status code separately.
# Avoids --fail-with-body + set -e which swallows errors inside $().
BODY_FILE=$(mktemp)
HTTP_CODE=$(curl -s -w '%{http_code}' -o "$BODY_FILE" \
--request POST \ --request POST \
--url "https://${AUTH0_DOMAIN}/oauth/token" \ --url "https://${AUTH0_DOMAIN}/oauth/token" \
--header 'Content-Type: application/json' \ --header 'Content-Type: application/json' \
@@ -40,11 +43,13 @@ RESPONSE=$(curl -s --fail-with-body \
\"client_secret\": \"${CLIENT_SECRET}\", \"client_secret\": \"${CLIENT_SECRET}\",
\"audience\": \"${AUDIENCE}\", \"audience\": \"${AUDIENCE}\",
\"grant_type\": \"client_credentials\" \"grant_type\": \"client_credentials\"
}") }") || true
RESPONSE=$(cat "$BODY_FILE")
rm -f "$BODY_FILE"
if [ $? -ne 0 ]; then if [ "$HTTP_CODE" != "200" ]; then
echo "Error: Auth0 token request failed" >&2 echo "Error: Auth0 token request failed (HTTP $HTTP_CODE)" >&2
echo "$RESPONSE" >&2 echo "Response: $RESPONSE" >&2
exit 1 exit 1
fi fi