Thrown when an argument to a function or constructor is missing or of the
wrong type — i.e. a programming or configuration error in the code that
integrates this library (for example, a missing server option, or a model
that does not implement a required method).
InvalidArgumentError is not an OAuth 2.0 protocol error: its
invalid_argument code (HTTP 500) is not one of the error codes defined by
RFC 6749 and must never be sent to an OAuth client. How it surfaces therefore
depends on when it is raised:
- At construction / configuration time (missing options, a
modelmissing a required method, orrequest/responsenot being instances of this library'sRequest/Response) it is thrown to your code unchanged, before any response is produced — so you can catch it while wiring up the server. - While handling a request (for example, when a
modelreturns malformed token data) thetokenandauthorizehandlers normalise it to aServerError(server_error) before the response reaches the client, preserving the original error as.inner. So when youcatcherrors fromOAuth2Server#tokenorOAuth2Server#authorize, expect aServerError(inspect its.inner) for these cases — not anInvalidArgumentError.
| Param | Type |
|---|---|
| message | string |
| [properties] | object |