[FIX] account expired protocol message was not notified properly

Author: aricart

nats-base-client/core.ts

@@ -89,6 +89,7 @@ export enum ErrorCode {
   ProtocolError = "NATS_PROTOCOL_ERR",
   PermissionsViolation = "PERMISSIONS_VIOLATION",
   AuthenticationTimeout = "AUTHENTICATION_TIMEOUT",
+  AccountExpired = "ACCOUNT_EXPIRED",
 }
 
 export function isNatsError(err: NatsError | Error): err is NatsError {
@@ -171,7 +172,8 @@ export class NatsError extends Error {
 
   isAuthError(): boolean {
     return this.code === ErrorCode.AuthenticationExpired ||
-      this.code === ErrorCode.AuthorizationViolation;
+      this.code === ErrorCode.AuthorizationViolation ||
+      this.code === ErrorCode.AccountExpired;
   }
 
   isAuthTimeout(): boolean {

nats-base-client/protocol.ts

@@ -713,6 +713,8 @@ export class ProtocolHandler implements Dispatcher<ParserEvent> {
       return new NatsError(s, ErrorCode.AuthorizationViolation);
     } else if (t.indexOf("user authentication expired") !== -1) {
       return new NatsError(s, ErrorCode.AuthenticationExpired);
+    } else if (t.indexOf("account authentication expired") != -1) {
+      return new NatsError(s, ErrorCode.AccountExpired);
     } else if (t.indexOf("authentication timeout") !== -1) {
       return new NatsError(s, ErrorCode.AuthenticationTimeout);
     } else {

tests/auth_test.ts

@@ -16,6 +16,7 @@
 import {
   assertArrayIncludes,
   assertEquals,
+  assertExists,
   assertRejects,
   assertStringIncludes,
   fail,
@@ -1299,3 +1300,46 @@ Deno.test("auth - sub permission queue", async () => {
   assertStringIncludes(err.message, 'using queue "bad"');
   await cleanup(ns, nc);
 });
+
+Deno.test("auth - account expired", async () => {
+  const O = nkeys.createOperator();
+  const A = nkeys.createAccount();
+
+  const resolver: Record<string, string> = {};
+  resolver[A.getPublicKey()] = await encodeAccount("A", A, {
+    limits: {
+      conn: -1,
+      subs: -1,
+    },
+  }, { signer: O, exp: Math.round(Date.now() / 1000) + 3 });
+
+  const conf = {
+    operator: await encodeOperator("O", O),
+    resolver: "MEMORY",
+    "resolver_preload": resolver,
+  };
+
+  const U = nkeys.createUser();
+  const ujwt = await encodeUser("U", U, A, { bearer_token: true });
+
+  const { ns, nc } = await setup(conf, {
+    reconnect: false,
+    authenticator: jwtAuthenticator(ujwt),
+  });
+
+  const d = deferred();
+  (async () => {
+    for await (const s of nc.status()) {
+      if (s.type === Events.Error && s.data === ErrorCode.AccountExpired) {
+        d.resolve();
+        break;
+      }
+    }
+  })().catch(() => {});
+
+  const w = await nc.closed();
+  assertExists(w);
+  assertEquals((w as NatsError).code, ErrorCode.AccountExpired);
+
+  await cleanup(ns, nc);
+});