Correctly error out with message if org is classic.

Closes #225
okta · Aug 27, 2024 · 924ebe4 · 924ebe4
1 parent e854582
commit 924ebe4
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 1 deletion.
diff --git a/cmd/root/web/web.go b/cmd/root/web/web.go
@@ -97,6 +97,9 @@ func NewWebCommand() *cobra.Command {
 
 			for attempt := 1; attempt <= 2; attempt++ {
 				wsa, err := webssoauth.NewWebSSOAuthentication(cfg)
+				if _, ok := err.(*webssoauth.ClassicOrgError); ok {
+					return err
+				}
 				if err != nil {
 					break
 				}

diff --git a/internal/webssoauth/webssoauth.go b/internal/webssoauth/webssoauth.go
@@ -125,7 +125,7 @@ func NewWebSSOAuthentication(cfg *config.Config) (token *WebSSOAuthentication, e
 		config: cfg,
 	}
 	if token.isClassicOrg() {
-		return nil, fmt.Errorf("%q is a Classic org, okta-aws-cli is an-OIE only tool", cfg.OrgDomain())
+		return nil, NewClassicOrgError(cfg.OrgDomain())
 	}
 	if cfg.IsProcessCredentialsFormat() {
 		if cfg.AWSIAMIdP() == "" || cfg.AWSIAMRole() == "" || !cfg.OpenBrowser() {
@@ -1079,6 +1079,21 @@ func apiErr(bodyBytes []byte) (ae *okta.APIError, err error) {
 	return
 }
 
+// ClassicOrgError Convenience error class.
+type ClassicOrgError struct {
+	orgDomain string
+}
+
+// NewClassicOrgError ClassicOrgError constructor
+func NewClassicOrgError(orgDomain string) *ClassicOrgError {
+	return &ClassicOrgError{orgDomain: orgDomain}
+}
+
+// Error Error interface error message
+func (e *ClassicOrgError) Error() string {
+	return fmt.Sprintf("%q is a Classic org, okta-aws-cli is an-OIE only tool", e.orgDomain)
+}
+
 // isClassicOrg Conduct simple check of well known endpoint to determine if the
 // org is a classic org. Will soft fail on errors.
 func (w *WebSSOAuthentication) isClassicOrg() bool {