@@ -146,7 +146,7 @@ export class Commands {
146146
147147 const url = await this . maybeAskUrl ( inputUrl )
148148 if ( ! url ) {
149- return
149+ return // The user aborted.
150150 }
151151
152152 // It is possible that we are trying to log into an old-style host, in which
@@ -157,7 +157,7 @@ export class Commands {
157157 // Try to get a token from the user, if we need one, and their user.
158158 const res = await this . maybeAskToken ( url , inputToken )
159159 if ( ! res ) {
160- return // The user aborted.
160+ return // The user aborted, or unable to auth .
161161 }
162162
163163 // The URL is good and the token is either good or not required; authorize
@@ -199,16 +199,26 @@ export class Commands {
199199 /**
200200 * If necessary, ask for a token, and keep asking until the token has been
201201 * validated. Return the token and user that was fetched to validate the
202- * token.
202+ * token. Null means the user aborted or we were unable to authenticate with
203+ * mTLS (in the latter case, an error notification will have been displayed).
203204 */
204205 private async maybeAskToken ( url : string , token : string ) : Promise < { user : User ; token : string } | null > {
205206 const restClient = await makeCoderSdk ( url , token , this . storage )
206207 if ( ! needToken ( ) ) {
207- return {
208+ try {
209+ const user = await restClient . getAuthenticatedUser ( )
208210 // For non-token auth, we write a blank token since the `vscodessh`
209211 // command currently always requires a token file.
210- token : "" ,
211- user : await restClient . getAuthenticatedUser ( ) ,
212+ return { token : "" , user }
213+ } catch ( err ) {
214+ const message = getErrorMessage ( err , "no response from the server" )
215+ this . vscodeProposed . window . showErrorMessage ( "Failed to log in" , {
216+ detail : message ,
217+ modal : true ,
218+ useCustom : true ,
219+ } )
220+ // Invalid certificate, most likely.
221+ return null
212222 }
213223 }
214224
0 commit comments