@directus/api 11.0.1 → 12.0.0

package/dist/app.js

@@ -39,8 +39,7 @@ import webhooksRouter from './controllers/webhooks.js';
 import { isInstalled, validateDatabaseConnection, validateDatabaseExtensions, validateMigrations, } from './database/index.js';
 import emitter from './emitter.js';
 import env from './env.js';
-import { InvalidPayloadException } from './exceptions/invalid-payload.js';
-import { ServiceUnavailableException } from './exceptions/service-unavailable.js';
+import { InvalidPayloadError, ServiceUnavailableError } from './errors/index.js';
 import { getExtensionManager } from './extensions.js';
 import { getFlowManager } from './flows.js';
 import logger, { expressLogger } from './logger.js';
@@ -98,7 +97,7 @@ export default async function createApp() {
             maxEventLoopDelay: env['PRESSURE_LIMITER_MAX_EVENT_LOOP_DELAY'],
             maxMemoryRss: env['PRESSURE_LIMITER_MAX_MEMORY_RSS'],
             maxMemoryHeapUsed: env['PRESSURE_LIMITER_MAX_MEMORY_HEAP_USED'],
-            error: new ServiceUnavailableException('Under pressure', { service: 'api' }),
+            error: new ServiceUnavailableError({ service: 'api', reason: 'Under pressure' }),
             retryAfter: env['PRESSURE_LIMITER_RETRY_AFTER'],
         }));
     }
@@ -137,7 +136,7 @@ export default async function createApp() {
             limit: env['MAX_PAYLOAD_SIZE'],
         })(req, res, (err) => {
             if (err) {
-                return next(new InvalidPayloadException(err.message));
+                return next(new InvalidPayloadError({ reason: err.message }));
             }
             return next();
         });

package/dist/auth/auth.d.ts

@@ -9,7 +9,7 @@ export declare abstract class AuthDriver {
      * Get user id for a given provider payload
      *
      * @param payload Any data that the user might've provided
-     * @throws InvalidCredentialsException
+     * @throws InvalidCredentialsError
      * @return User id of the identifier
      */
     abstract getUserID(payload: Record<string, any>): Promise<string>;
@@ -18,7 +18,7 @@ export declare abstract class AuthDriver {
      *
      * @param user User information
      * @param password User password
-     * @throws InvalidCredentialsException
+     * @throws InvalidCredentialsError
      */
     abstract verify(user: User, password?: string): Promise<void>;
     /**
@@ -26,7 +26,7 @@ export declare abstract class AuthDriver {
      *
      * @param _user User information
      * @param _payload Any data that the user might've provided
-     * @throws InvalidCredentialsException
+     * @throws InvalidCredentialsError
      * @returns Data to be stored with the session
      */
     login(_user: User, _payload: Record<string, any>): Promise<void>;
@@ -34,7 +34,7 @@ export declare abstract class AuthDriver {
      * Handle user session refresh
      *
      * @param _user User information
-     * @throws InvalidCredentialsException
+     * @throws InvalidCredentialsError
      */
     refresh(_user: User): Promise<void>;
     /**

package/dist/auth/auth.js

@@ -10,7 +10,7 @@ export class AuthDriver {
      *
      * @param _user User information
      * @param _payload Any data that the user might've provided
-     * @throws InvalidCredentialsException
+     * @throws InvalidCredentialsError
      * @returns Data to be stored with the session
      */
     async login(_user, _payload) {
@@ -20,7 +20,7 @@ export class AuthDriver {
      * Handle user session refresh
      *
      * @param _user User information
-     * @throws InvalidCredentialsException
+     * @throws InvalidCredentialsError
      */
     async refresh(_user) {
         return;

package/dist/auth/drivers/ldap.js

@@ -1,11 +1,11 @@
+import { isDirectusError } from '@directus/errors';
 import { Router } from 'express';
 import Joi from 'joi';
 import ldap from 'ldapjs';
 import getDatabase from '../../database/index.js';
 import emitter from '../../emitter.js';
 import env from '../../env.js';
-import { RecordNotUniqueException } from '../../exceptions/database/record-not-unique.js';
-import { InvalidConfigException, InvalidCredentialsException, InvalidPayloadException, InvalidProviderException, ServiceUnavailableException, UnexpectedResponseException, } from '../../exceptions/index.js';
+import { ErrorCode, InvalidCredentialsError, InvalidPayloadError, InvalidProviderError, InvalidProviderConfigError, ServiceUnavailableError, UnexpectedResponseError, } from '../../errors/index.js';
 import logger from '../../logger.js';
 import { respond } from '../../middleware/respond.js';
 import { AuthenticationService } from '../../services/authentication.js';
@@ -30,7 +30,8 @@ export class LDAPAuthDriver extends AuthDriver {
             !userDn ||
             !provider ||
             (!clientUrl && !config['client']?.socketPath)) {
-            throw new InvalidConfigException('Invalid provider config', { provider });
+            logger.error('Invalid provider config');
+            throw new InvalidProviderConfigError({ provider });
         }
         const clientConfig = typeof config['client'] === 'object' ? config['client'] : {};
         this.bindClient = ldap.createClient({ url: clientUrl, reconnect: true, ...clientConfig });
@@ -57,8 +58,9 @@ export class LDAPAuthDriver extends AuthDriver {
                     this.bindClient.bind(bindDn, bindPassword, (err) => {
                         if (err) {
                             const error = handleError(err);
-                            if (error instanceof InvalidCredentialsException) {
-                                reject(new InvalidConfigException('Invalid bind user', { provider }));
+                            if (isDirectusError(error, ErrorCode.InvalidCredentials)) {
+                                logger.warn('Invalid bind user');
+                                reject(new InvalidProviderConfigError({ provider }));
                             }
                             else {
                                 reject(error);
@@ -72,7 +74,8 @@ export class LDAPAuthDriver extends AuthDriver {
                 res.on('end', (result) => {
                     // Handle edge case where authenticated bind user cannot read their own DN
                     if (result?.status === 0) {
-                        reject(new UnexpectedResponseException('Failed to find bind user record'));
+                        logger.warn('[LDAP] Failed to find bind user record');
+                        reject(new UnexpectedResponseError());
                     }
                 });
             });
@@ -162,7 +165,7 @@ export class LDAPAuthDriver extends AuthDriver {
     }
     async getUserID(payload) {
         if (!payload['identifier']) {
-            throw new InvalidCredentialsException();
+            throw new InvalidCredentialsError();
         }
         await this.validateBindClient();
         const { userDn, userScope, userAttribute, groupDn, groupScope, groupAttribute, defaultRoleId } = this.config;
@@ -171,7 +174,7 @@ export class LDAPAuthDriver extends AuthDriver {
             value: payload['identifier'],
         }), userScope ?? 'one');
         if (!userInfo?.dn) {
-            throw new InvalidCredentialsException();
+            throw new InvalidCredentialsError();
         }
         let userRole;
         if (groupDn) {
@@ -204,7 +207,7 @@ export class LDAPAuthDriver extends AuthDriver {
             return userId;
         }
         if (!userInfo) {
-            throw new InvalidCredentialsException();
+            throw new InvalidCredentialsError();
         }
         const userPayload = {
             provider: this.config['provider'],
@@ -221,9 +224,9 @@ export class LDAPAuthDriver extends AuthDriver {
             await this.usersService.createOne(updatedUserPayload);
         }
         catch (e) {
-            if (e instanceof RecordNotUniqueException) {
+            if (isDirectusError(e, ErrorCode.RecordNotUnique)) {
                 logger.warn(e, '[LDAP] Failed to register user. User not unique');
-                throw new InvalidProviderException();
+                throw new InvalidProviderError();
             }
             throw e;
         }
@@ -231,7 +234,7 @@ export class LDAPAuthDriver extends AuthDriver {
     }
     async verify(user, password) {
         if (!user.external_identifier || !password) {
-            throw new InvalidCredentialsException();
+            throw new InvalidCredentialsError();
         }
         return new Promise((resolve, reject) => {
             const clientConfig = typeof this.config['client'] === 'object' ? this.config['client'] : {};
@@ -261,7 +264,7 @@ export class LDAPAuthDriver extends AuthDriver {
         await this.validateBindClient();
         const userInfo = await this.fetchUserInfo(user.external_identifier);
         if (userInfo?.userAccountControl && userInfo.userAccountControl & INVALID_ACCOUNT_FLAGS) {
-            throw new InvalidCredentialsException();
+            throw new InvalidCredentialsError();
         }
     }
 }
@@ -269,11 +272,11 @@ const handleError = (e) => {
     if (e instanceof ldap.InappropriateAuthenticationError ||
         e instanceof ldap.InvalidCredentialsError ||
         e instanceof ldap.InsufficientAccessRightsError) {
-        return new InvalidCredentialsException();
+        return new InvalidCredentialsError();
     }
-    return new ServiceUnavailableException('Service returned unexpected error', {
+    return new ServiceUnavailableError({
         service: 'ldap',
-        message: e.message,
+        reason: `Service returned unexpected error: ${e.message}`,
     });
 };
 const getEntryValue = (value) => {
@@ -304,7 +307,7 @@ export function createLDAPAuthRouter(provider) {
         });
         const { error } = loginSchema.validate(req.body);
         if (error) {
-            throw new InvalidPayloadException(error.message);
+            throw new InvalidPayloadError({ reason: error.message });
         }
         const mode = req.body.mode || 'json';
         const { accessToken, refreshToken, expires } = await authenticationService.login(provider, req.body, req.body?.otp);

package/dist/auth/drivers/local.js

@@ -4,7 +4,7 @@ import Joi from 'joi';
 import { performance } from 'perf_hooks';
 import { COOKIE_OPTIONS } from '../../constants.js';
 import env from '../../env.js';
-import { InvalidCredentialsException, InvalidPayloadException } from '../../exceptions/index.js';
+import { InvalidCredentialsError, InvalidPayloadError } from '../../errors/index.js';
 import { respond } from '../../middleware/respond.js';
 import { AuthenticationService } from '../../services/authentication.js';
 import asyncHandler from '../../utils/async-handler.js';
@@ -14,7 +14,7 @@ import { AuthDriver } from '../auth.js';
 export class LocalAuthDriver extends AuthDriver {
     async getUserID(payload) {
         if (!payload['email']) {
-            throw new InvalidCredentialsException();
+            throw new InvalidCredentialsError();
         }
         const user = await this.knex
             .select('id')
@@ -22,13 +22,13 @@ export class LocalAuthDriver extends AuthDriver {
             .whereRaw('LOWER(??) = ?', ['email', payload['email'].toLowerCase()])
             .first();
         if (!user) {
-            throw new InvalidCredentialsException();
+            throw new InvalidCredentialsError();
         }
         return user.id;
     }
     async verify(user, password) {
         if (!user.password || !(await argon2.verify(user.password, password))) {
-            throw new InvalidCredentialsException();
+            throw new InvalidCredentialsError();
         }
     }
     async login(user, payload) {
@@ -63,7 +63,7 @@ export function createLocalAuthRouter(provider) {
         const { error } = userLoginSchema.validate(req.body);
         if (error) {
             await stall(STALL_TIME, timeStart);
-            throw new InvalidPayloadException(error.message);
+            throw new InvalidPayloadError({ reason: error.message });
         }
         const mode = req.body.mode || 'json';
         const { accessToken, refreshToken, expires } = await authenticationService.login(provider, req.body, req.body?.otp);

package/dist/auth/drivers/oauth2.js

@@ -1,4 +1,4 @@
-import { BaseException } from '@directus/exceptions';
+import { isDirectusError } from '@directus/errors';
 import { parseJSON } from '@directus/utils';
 import express, { Router } from 'express';
 import flatten from 'flat';
@@ -8,8 +8,7 @@ import { getAuthProvider } from '../../auth.js';
 import getDatabase from '../../database/index.js';
 import emitter from '../../emitter.js';
 import env from '../../env.js';
-import { RecordNotUniqueException } from '../../exceptions/database/record-not-unique.js';
-import { InvalidConfigException, InvalidCredentialsException, InvalidProviderException, InvalidTokenException, ServiceUnavailableException, } from '../../exceptions/index.js';
+import { ErrorCode, InvalidCredentialsError, InvalidProviderError, InvalidProviderConfigError, InvalidTokenError, ServiceUnavailableError, } from '../../errors/index.js';
 import logger from '../../logger.js';
 import { respond } from '../../middleware/respond.js';
 import { AuthenticationService } from '../../services/authentication.js';
@@ -29,7 +28,8 @@ export class OAuth2AuthDriver extends LocalAuthDriver {
         super(options, config);
         const { authorizeUrl, accessUrl, profileUrl, clientId, clientSecret, ...additionalConfig } = config;
         if (!authorizeUrl || !accessUrl || !profileUrl || !clientId || !clientSecret || !additionalConfig['provider']) {
-            throw new InvalidConfigException('Invalid provider config', { provider: additionalConfig['provider'] });
+            logger.error('Invalid provider config');
+            throw new InvalidProviderConfigError({ provider: additionalConfig['provider'] });
         }
         const redirectUrl = new Url(env['PUBLIC_URL']).addPath('auth', 'login', additionalConfig['provider'], 'callback');
         this.redirectUrl = redirectUrl.toString();
@@ -83,7 +83,7 @@ export class OAuth2AuthDriver extends LocalAuthDriver {
     async getUserID(payload) {
         if (!payload['code'] || !payload['codeVerifier'] || !payload['state']) {
             logger.warn('[OAuth2] No code, codeVerifier or state in payload');
-            throw new InvalidCredentialsException();
+            throw new InvalidCredentialsError();
         }
         let tokenSet;
         let userInfo;
@@ -102,7 +102,7 @@ export class OAuth2AuthDriver extends LocalAuthDriver {
         const identifier = userInfo[identifierKey] ? String(userInfo[identifierKey]) : email;
         if (!identifier) {
             logger.warn(`[OAuth2] Failed to find user identifier for provider "${provider}"`);
-            throw new InvalidCredentialsException();
+            throw new InvalidCredentialsError();
         }
         const userPayload = {
             provider,
@@ -129,7 +129,7 @@ export class OAuth2AuthDriver extends LocalAuthDriver {
         // Is public registration allowed?
         if (!allowPublicRegistration) {
             logger.warn(`[OAuth2] User doesn't exist, and public registration not allowed for provider "${provider}"`);
-            throw new InvalidCredentialsException();
+            throw new InvalidCredentialsError();
         }
         // Run hook so the end user has the chance to augment the
         // user that is about to be created
@@ -142,9 +142,9 @@ export class OAuth2AuthDriver extends LocalAuthDriver {
             await this.usersService.createOne(updatedUserPayload);
         }
         catch (e) {
-            if (e instanceof RecordNotUniqueException) {
+            if (isDirectusError(e, ErrorCode.RecordNotUnique)) {
                 logger.warn(e, '[OAuth2] Failed to register user. User not unique');
-                throw new InvalidProviderException();
+                throw new InvalidProviderError();
             }
             throw e;
         }
@@ -184,19 +184,19 @@ const handleError = (e) => {
         if (e.error === 'invalid_grant') {
             // Invalid token
             logger.trace(e, `[OAuth2] Invalid grant`);
-            return new InvalidTokenException();
+            return new InvalidTokenError();
         }
         // Server response error
         logger.trace(e, `[OAuth2] Unknown OP error`);
-        return new ServiceUnavailableException('Service returned unexpected response', {
+        return new ServiceUnavailableError({
             service: 'oauth2',
-            message: e.error_description,
+            reason: `Service returned unexpected response: ${e.error_description}`,
         });
     }
     else if (e instanceof errors.RPError) {
         // Internal client error
         logger.trace(e, `[OAuth2] Unknown RP error`);
-        return new InvalidCredentialsException();
+        return new InvalidCredentialsError();
     }
     logger.trace(e, `[OAuth2] Unknown error`);
     return e;
@@ -229,7 +229,7 @@ export function createOAuth2AuthRouter(providerName) {
         }
         catch (e) {
             logger.warn(e, `[OAuth2] Couldn't verify OAuth2 cookie`);
-            throw new InvalidCredentialsException();
+            throw new InvalidCredentialsError();
         }
         const { verifier, redirect, prompt } = tokenData;
         const accountability = {
@@ -257,12 +257,12 @@ export function createOAuth2AuthRouter(providerName) {
         }
         catch (error) {
             // Prompt user for a new refresh_token if invalidated
-            if (error instanceof InvalidTokenException && !prompt) {
+            if (isDirectusError(error, ErrorCode.InvalidToken) && !prompt) {
                 return res.redirect(`./?${redirect ? `redirect=${redirect}&` : ''}prompt=true`);
             }
             if (redirect) {
                 let reason = 'UNKNOWN_EXCEPTION';
-                if (error instanceof BaseException) {
+                if (isDirectusError(error)) {
                     reason = error.code;
                 }
                 else {

package/dist/auth/drivers/openid.js

@@ -1,4 +1,4 @@
-import { BaseException } from '@directus/exceptions';
+import { isDirectusError } from '@directus/errors';
 import { parseJSON } from '@directus/utils';
 import express, { Router } from 'express';
 import flatten from 'flat';
@@ -8,8 +8,7 @@ import { getAuthProvider } from '../../auth.js';
 import getDatabase from '../../database/index.js';
 import emitter from '../../emitter.js';
 import env from '../../env.js';
-import { RecordNotUniqueException } from '../../exceptions/database/record-not-unique.js';
-import { InvalidConfigException, InvalidCredentialsException, InvalidProviderException, InvalidTokenException, ServiceUnavailableException, } from '../../exceptions/index.js';
+import { ErrorCode, InvalidCredentialsError, InvalidProviderError, InvalidProviderConfigError, InvalidTokenError, ServiceUnavailableError, } from '../../errors/index.js';
 import logger from '../../logger.js';
 import { respond } from '../../middleware/respond.js';
 import { AuthenticationService } from '../../services/authentication.js';
@@ -29,7 +28,8 @@ export class OpenIDAuthDriver extends LocalAuthDriver {
         super(options, config);
         const { issuerUrl, clientId, clientSecret, ...additionalConfig } = config;
         if (!issuerUrl || !clientId || !clientSecret || !additionalConfig['provider']) {
-            throw new InvalidConfigException('Invalid provider config', { provider: additionalConfig['provider'] });
+            logger.error('Invalid provider config');
+            throw new InvalidProviderConfigError({ provider: additionalConfig['provider'] });
         }
         const redirectUrl = new Url(env['PUBLIC_URL']).addPath('auth', 'login', additionalConfig['provider'], 'callback');
         const clientOptionsOverrides = getConfigFromEnv(`AUTH_${config['provider'].toUpperCase()}_CLIENT_`, [`AUTH_${config['provider'].toUpperCase()}_CLIENT_ID`, `AUTH_${config['provider'].toUpperCase()}_CLIENT_SECRET`], 'underscore');
@@ -41,7 +41,8 @@ export class OpenIDAuthDriver extends LocalAuthDriver {
                 .then((issuer) => {
                 const supportedTypes = issuer.metadata['response_types_supported'];
                 if (!supportedTypes?.includes('code')) {
-                    reject(new InvalidConfigException('OpenID provider does not support required code flow', {
+                    logger.error('OpenID provider does not support required code flow');
+                    reject(new InvalidProviderConfigError({
                         provider: additionalConfig['provider'],
                     }));
                 }
@@ -94,7 +95,7 @@ export class OpenIDAuthDriver extends LocalAuthDriver {
     async getUserID(payload) {
         if (!payload['code'] || !payload['codeVerifier'] || !payload['state']) {
             logger.warn('[OpenID] No code, codeVerifier or state in payload');
-            throw new InvalidCredentialsException();
+            throw new InvalidCredentialsError();
         }
         let tokenSet;
         let userInfo;
@@ -121,7 +122,7 @@ export class OpenIDAuthDriver extends LocalAuthDriver {
         const identifier = userInfo[identifierKey ?? 'sub'] ? String(userInfo[identifierKey ?? 'sub']) : email;
         if (!identifier) {
             logger.warn(`[OpenID] Failed to find user identifier for provider "${provider}"`);
-            throw new InvalidCredentialsException();
+            throw new InvalidCredentialsError();
         }
         const userPayload = {
             provider,
@@ -149,7 +150,7 @@ export class OpenIDAuthDriver extends LocalAuthDriver {
         // Is public registration allowed?
         if (!allowPublicRegistration || !isEmailVerified) {
             logger.warn(`[OpenID] User doesn't exist, and public registration not allowed for provider "${provider}"`);
-            throw new InvalidCredentialsException();
+            throw new InvalidCredentialsError();
         }
         // Run hook so the end user has the chance to augment the
         // user that is about to be created
@@ -162,9 +163,9 @@ export class OpenIDAuthDriver extends LocalAuthDriver {
             await this.usersService.createOne(updatedUserPayload);
         }
         catch (e) {
-            if (e instanceof RecordNotUniqueException) {
+            if (isDirectusError(e, ErrorCode.RecordNotUnique)) {
                 logger.warn(e, '[OpenID] Failed to register user. User not unique');
-                throw new InvalidProviderException();
+                throw new InvalidProviderError();
             }
             throw e;
         }
@@ -205,19 +206,19 @@ const handleError = (e) => {
         if (e.error === 'invalid_grant') {
             // Invalid token
             logger.trace(e, `[OpenID] Invalid grant`);
-            return new InvalidTokenException();
+            return new InvalidTokenError();
         }
         // Server response error
         logger.trace(e, `[OpenID] Unknown OP error`);
-        return new ServiceUnavailableException('Service returned unexpected response', {
+        return new ServiceUnavailableError({
             service: 'openid',
-            message: e.error_description,
+            reason: `Service returned unexpected response: ${e.error_description}`,
         });
     }
     else if (e instanceof errors.RPError) {
         // Internal client error
         logger.trace(e, `[OpenID] Unknown RP error`);
-        return new InvalidCredentialsException();
+        return new InvalidCredentialsError();
     }
     logger.trace(e, `[OpenID] Unknown error`);
     return e;
@@ -250,7 +251,7 @@ export function createOpenIDAuthRouter(providerName) {
         }
         catch (e) {
             logger.warn(e, `[OpenID] Couldn't verify OpenID cookie`);
-            throw new InvalidCredentialsException();
+            throw new InvalidCredentialsError();
         }
         const { verifier, redirect, prompt } = tokenData;
         const accountability = {
@@ -279,13 +280,13 @@ export function createOpenIDAuthRouter(providerName) {
         }
         catch (error) {
             // Prompt user for a new refresh_token if invalidated
-            if (error instanceof InvalidTokenException && !prompt) {
+            if (isDirectusError(error, ErrorCode.InvalidToken) && !prompt) {
                 return res.redirect(`./?${redirect ? `redirect=${redirect}&` : ''}prompt=true`);
             }
             logger.warn(error);
             if (redirect) {
                 let reason = 'UNKNOWN_EXCEPTION';
-                if (error instanceof BaseException) {
+                if (isDirectusError(error)) {
                     reason = error.code;
                 }
                 else {

package/dist/auth/drivers/saml.js

@@ -1,5 +1,5 @@
 import * as validator from '@authenio/samlify-node-xmllint';
-import { BaseException } from '@directus/exceptions';
+import { isDirectusError } from '@directus/errors';
 import express, { Router } from 'express';
 import * as samlify from 'samlify';
 import { getAuthProvider } from '../../auth.js';
@@ -7,8 +7,7 @@ import { COOKIE_OPTIONS } from '../../constants.js';
 import getDatabase from '../../database/index.js';
 import emitter from '../../emitter.js';
 import env from '../../env.js';
-import { RecordNotUniqueException } from '../../exceptions/database/record-not-unique.js';
-import { InvalidCredentialsException, InvalidProviderException } from '../../exceptions/index.js';
+import { ErrorCode, InvalidCredentialsError, InvalidProviderError } from '../../errors/index.js';
 import logger from '../../logger.js';
 import { respond } from '../../middleware/respond.js';
 import { AuthenticationService } from '../../services/authentication.js';
@@ -47,7 +46,7 @@ export class SAMLAuthDriver extends LocalAuthDriver {
             return userID;
         if (!allowPublicRegistration) {
             logger.trace(`[SAML] User doesn't exist, and public registration not allowed for provider "${provider}"`);
-            throw new InvalidCredentialsException();
+            throw new InvalidCredentialsError();
         }
         const firstName = payload[givenNameKey ?? 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname'];
         const lastName = payload[familyNameKey ?? 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname'];
@@ -66,9 +65,9 @@ export class SAMLAuthDriver extends LocalAuthDriver {
             return await this.usersService.createOne(updatedUserPayload);
         }
         catch (error) {
-            if (error instanceof RecordNotUniqueException) {
+            if (isDirectusError(error, ErrorCode.RecordNotUnique)) {
                 logger.warn(error, '[SAML] Failed to register user. User not unique');
-                throw new InvalidProviderException();
+                throw new InvalidProviderError();
             }
             throw error;
         }
@@ -129,7 +128,7 @@ export function createSAMLAuthRouter(providerName) {
         catch (error) {
             if (relayState) {
                 let reason = 'UNKNOWN_EXCEPTION';
-                if (error instanceof BaseException) {
+                if (isDirectusError(error)) {
                     reason = error.code;
                 }
                 else {

package/dist/auth.js

@@ -3,7 +3,7 @@ import { LDAPAuthDriver, LocalAuthDriver, OAuth2AuthDriver, OpenIDAuthDriver, SA
 import { DEFAULT_AUTH_PROVIDER } from './constants.js';
 import getDatabase from './database/index.js';
 import env from './env.js';
-import { InvalidConfigException } from './exceptions/invalid-config.js';
+import { InvalidProviderConfigError } from './errors/index.js';
 import logger from './logger.js';
 import { getConfigFromEnv } from './utils/get-config-from-env.js';
 import { getSchema } from './utils/get-schema.js';
@@ -11,7 +11,8 @@ const providerNames = toArray(env['AUTH_PROVIDERS']);
 const providers = new Map();
 export function getAuthProvider(provider) {
     if (!providers.has(provider)) {
-        throw new InvalidConfigException('Auth provider not configured', { provider });
+        logger.error('Auth provider not configured');
+        throw new InvalidProviderConfigError({ provider });
     }
     return providers.get(provider);
 }

package/dist/cache.js

@@ -57,13 +57,14 @@ export async function flushCaches(forced) {
     await cache?.clear();
 }
 export async function clearSystemCache(opts) {
-    const { systemCache, localSchemaCache, lockCache } = getCache();
+    const { systemCache, localSchemaCache, lockCache, sharedSchemaCache } = getCache();
     // Flush system cache when forced or when system cache lock not set
     if (opts?.forced || !(await lockCache.get('system-cache-lock'))) {
         await lockCache.set('system-cache-lock', true, 10000);
         await systemCache.clear();
         await lockCache.delete('system-cache-lock');
     }
+    await sharedSchemaCache.clear();
     await localSchemaCache.clear();
     messenger.publish('schemaChanged', { autoPurgeCache: opts?.autoPurgeCache });
 }
@@ -109,8 +110,6 @@ function getKeyvInstance(store, ttl, namespaceSuffix) {
     switch (store) {
         case 'redis':
             return new Keyv(getConfig('redis', ttl, namespaceSuffix));
-        case 'memcache':
-            return new Keyv(getConfig('memcache', ttl, namespaceSuffix));
         case 'memory':
         default:
             return new Keyv(getConfig('memory', ttl, namespaceSuffix));
@@ -123,16 +122,7 @@ function getConfig(store = 'memory', ttl, namespaceSuffix = '') {
     };
     if (store === 'redis') {
         const KeyvRedis = require('@keyv/redis');
-        config.store = new KeyvRedis(env['CACHE_REDIS'] || getConfigFromEnv('CACHE_REDIS_'));
-    }
-    if (store === 'memcache') {
-        const KeyvMemcache = require('keyv-memcache');
-        // keyv-memcache uses memjs which only accepts a comma separated string instead of an array,
-        // so we need to join array into a string when applicable. See #7986
-        const cacheMemcache = Array.isArray(env['CACHE_MEMCACHE'])
-            ? env['CACHE_MEMCACHE'].join(',')
-            : env['CACHE_MEMCACHE'];
-        config.store = new KeyvMemcache(cacheMemcache);
+        config.store = new KeyvRedis(env['REDIS'] || getConfigFromEnv('REDIS'));
     }
     return config;
 }

package/dist/cli/utils/create-env/env-stub.liquid

@@ -50,6 +50,9 @@ PUBLIC_URL="/"
 # The maximum number of items for batch mutations when creating, updating and deleting. ["Infinity"]
 # MAX_BATCH_MUTATION="Infinity"
 
+# Shared Redis server for things like caching, rate limiting, container synchronization, etc
+# REDIS="redis://@127.0.0.1:6379"
+
 ####################################################################################################
 ### Database
 
@@ -127,10 +130,8 @@ PUBLIC_URL="/"
 RATE_LIMITER_ENABLED=false
 
 # Where to store the rate limiter counts [memory]
-# memory, redis, memcache
+# memory, redis
 RATE_LIMITER_STORE=memory
-# RATE_LIMITER_REDIS="redis://@127.0.0.1:5105"
-# RATE_LIMITER_MEMCACHE="localhost:5109"
 
 # The amount of allowed hits per duration [50]
 RATE_LIMITER_POINTS=25
@@ -156,15 +157,12 @@ CACHE_ENABLED=false
 # List of collections that prevent cache purging when `CACHE_AUTO_PURGE` is enabled. ["directus_activity,directus_presets"]
 # CACHE_AUTO_PURGE_IGNORE_LIST="directus_activity,directus_presets"
 
-# memory | redis | memcache
+# memory | redis
 CACHE_STORE=memory
 
 # How long assets will be cached for in the browser. Sets the max-age value of the Cache-Control header ["30d"]
 ASSETS_CACHE_TTL="30d"
 
-# CACHE_REDIS="redis://@127.0.0.1:5105"
-# CACHE_MEMCACHE="localhost:5109"
-
 ####################################################################################################
 ### File Storage