From b24bdedce6805573fd35042f22b58cca693aabeb Mon Sep 17 00:00:00 2001
From: Magnus Jensen <magnus@fleetdm.com>
Date: Fri, 5 Sep 2025 13:09:42 +0300
Subject: [PATCH] HCA: lowercase error reason to avoid case sensitive string
 matching (#32641)

fixes: #32612

It was due to case sensitive matching, and it might have changed, so
decided to lowercase the reason coming in and only user lowercase for
`.includes` checks.

<img width="820" height="593" alt="image"
src="https://github.com/user-attachments/assets/df7eae54-9d3c-4b4c-bd9a-7b8297482158"
/>

- [x] QA'd all new/changed functionality manually
---
 .../components/AddCertAuthorityModal/helpers.tsx     | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/frontend/pages/admin/IntegrationsPage/cards/CertificateAuthorities/components/AddCertAuthorityModal/helpers.tsx b/frontend/pages/admin/IntegrationsPage/cards/CertificateAuthorities/components/AddCertAuthorityModal/helpers.tsx
index 8e8c273662..3283884d64 100644
--- a/frontend/pages/admin/IntegrationsPage/cards/CertificateAuthorities/components/AddCertAuthorityModal/helpers.tsx
+++ b/frontend/pages/admin/IntegrationsPage/cards/CertificateAuthorities/components/AddCertAuthorityModal/helpers.tsx
@@ -171,22 +171,22 @@ const INVALID_CHALLENGE_ERROR =
  */
 export const getDisplayErrMessage = (err: unknown) => {
   let message: string | JSX.Element = DEFAULT_ERROR;
-  const reason = getErrorReason(err);
+  const reason = getErrorReason(err).toLowerCase();
 
-  if (reason.includes("invalid API token")) {
+  if (reason.includes("invalid api token")) {
     message = INVALID_API_TOKEN_ERROR;
-  } else if (reason.includes("invalid profile GUID")) {
+  } else if (reason.includes("invalid profile guid")) {
     message = INVALID_PROFILE_GUID_ERROR;
   } else if (
-    reason.includes("invalid URL") ||
+    reason.includes("invalid url") ||
     reason.includes("no such host")
   ) {
     message = INVALID_URL_ERROR;
   } else if (reason.includes("private key")) {
     message = PRIVATE_KEY_NOT_CONFIGURED_ERROR;
-  } else if (reason.includes("invalid SCEP URL")) {
+  } else if (reason.includes("invalid scep url")) {
     message = INVALID_SCEP_URL_ERROR;
-  } else if (reason.includes("invalid admin URL or credentials")) {
+  } else if (reason.includes("invalid admin url or credentials")) {
     message = INVALID_ADMIN_URL_OR_CREDENTIALS_ERROR;
   } else if (reason.includes("password cache is full")) {
     message = NDES_PASSWORD_CACHE_FULL_ERROR;