These are intended for situations where access to a service or endpoint is prevented because of invalid authorization, or when some other security-related failure is detected, for example an API rate limit exceeded.
const myFunction = (...args) => {
const functionName = 'myFunction';
// snip...>
const additionalInformation = 'Some important context'; // If needed
const details = { countExceeded, retryCount, additionalInformation };
const code = SECURITY.loginFailure;
logger.securityError({ functionName, code, details });
const SECURITY = {
  • loginFailure
  • rateLimitExceeded
  • invalidJWT
  • InvalidAccessToken
  • securityOther This is intended for situations not yet anticipated. The details should have a field errorKind with a tag to describe the kind of error, which could then be added in a later version of this library component.
Every call to the function should provide the functionName, a SECURITY_ERROR code, and an optional details object. The details object structure is simply an object that allows one or more variables to have their values included in the logged data. Details should not have any PHI or PII. The clientId or oneupUserId may be acceptable to give context.

These are intended for situations where it is detected that a failure is occurring because of some network or other connection problem. This implies that the error can be attributed to a network problem. It is not immediately clear what errors will be able to be attributed to network issues. It may require using patterns to examine the err.message from AWS SDK calls, for example. In some cases that will not be possible to determine, in which case the more generic internalError should be used.
const NETWORK = {
  • timeout
  • dns
  • unreachable
  • networkOther

These are intended for situations where some function requires configuration settings but they are not available or they are invalid. An example is typically a missing environment variable, or an environment variable that is set to an invalid value like an invalid URL or a setting that must be convertible to a number.
comst missingSettings = ['ONEUPHEALTH_FHIR_JWT_AUTH_PUBLIC_KEY'];
const details = { missingSettings };
const code = CONFIGURATION.missingSetting;
logger.configurationError({ functionName, code, details });
  • missingSetting
  • badSettingValue
  • inaccessibleSetting // Such as retrieving a JWKS endpoint or reading an S3 bucket
  • configurationOther

This will usually occur when undefined variables occur, various unexpected exceptions occur, etc. So when a function is called that must have three arguments but one is undefined or a call to an AWS service returns an unexpected error like a 400 or 500 (as opposed to a 404 which might be expected in some context).
Many of these errors imply some logic error or programming bug. Or, they may indicate some deployment problem, so that a required service is not accessible.
const INTERNAL = {
  • invalidFunctionCall - missing or invalid arguments
  • internalOther
Last modified 1yr ago
Copy link
On this page
Method name same as output error string