Skip to content

Commit ac75bb6

Browse files
Merge pull request #8446 from BitGo/ant-00000-remove-mitm-verbiage
feat(sdk): removing mention of mitm attack from hmac error
2 parents b28bbf2 + 8940333 commit ac75bb6

3 files changed

Lines changed: 4 additions & 12 deletions

File tree

modules/bitgo/test/unit/bitgo.ts

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -559,7 +559,7 @@ describe('BitGo Prototype Methods', function () {
559559
const scope = nock(url).get('/').reply(200);
560560

561561
// test suite bitgo object has hmac verification enabled, so it should throw when the nock responds
562-
await bitgo.get(url).should.be.rejectedWith(/invalid response HMAC, possible man-in-the-middle-attack/);
562+
await bitgo.get(url).should.be.rejectedWith(/invalid response HMAC/);
563563
scope.done();
564564
});
565565

modules/bitgo/test/v2/unit/auth.ts

Lines changed: 1 addition & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -48,11 +48,7 @@ describe('Auth', () => {
4848

4949
const scope = nock(url).get('/').reply(200);
5050

51-
await bitgo
52-
.get(url)
53-
.should.be.rejectedWith(
54-
'server response outside response validity time window, possible man-in-the-middle-attack'
55-
);
51+
await bitgo.get(url).should.be.rejectedWith('server response outside response validity time window');
5652
verifyResponseStub.restore();
5753
scope.done();
5854
});

modules/sdk-api/src/api.ts

Lines changed: 2 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -235,7 +235,7 @@ function assertVerificationResponse(
235235
bitgoToken: partialBitgoToken,
236236
};
237237
debug('Invalid response HMAC: %O', errorDetails);
238-
throw new ApiResponseError('invalid response HMAC, possible man-in-the-middle-attack', 511, errorDetails);
238+
throw new ApiResponseError('invalid response HMAC', 511, errorDetails);
239239
}
240240

241241
if (bitgo.getAuthVersion() === 3 && !verificationResponse.isInResponseValidityWindow) {
@@ -244,11 +244,7 @@ function assertVerificationResponse(
244244
verificationTime: verificationResponse.verificationTime,
245245
};
246246
debug('Server response outside response validity time window: %O', errorDetails);
247-
throw new ApiResponseError(
248-
'server response outside response validity time window, possible man-in-the-middle-attack',
249-
511,
250-
errorDetails
251-
);
247+
throw new ApiResponseError('server response outside response validity time window', 511, errorDetails);
252248
}
253249
}
254250

0 commit comments

Comments
 (0)