Simplify OutgoingIdentityKeyError, use it in getKeysForIdentifier

ts/textsecure/getKeysForIdentifier.ts

@@ -8,13 +8,18 @@ import {
   PublicKey,
 } from '@signalapp/signal-client';
 
-import { UnregisteredUserError, HTTPError } from './Errors';
+import {
+  UnregisteredUserError,
+  HTTPError,
+  OutgoingIdentityKeyError,
+} from './Errors';
 import { Sessions, IdentityKeys } from '../LibSignalStores';
 import { Address } from '../types/Address';
 import { QualifiedAddress } from '../types/QualifiedAddress';
 import { UUID } from '../types/UUID';
 import type { ServerKeysType, WebAPIType } from './WebAPI';
 import * as log from '../logging/log';
+import { isRecord } from '../util/isRecord';
 
 export async function getKeysForIdentifier(
   identifier: string,
@@ -54,20 +59,32 @@ async function getServerKeys(
   server: WebAPIType,
   accessKey?: string
 ): Promise<{ accessKeyFailed?: boolean; keys: ServerKeysType }> {
-  if (!accessKey) {
-    return {
-      keys: await server.getKeysForIdentifier(identifier),
-    };
-  }
-
   try {
+    if (!accessKey) {
+      return {
+        keys: await server.getKeysForIdentifier(identifier),
+      };
+    }
+
     return {
       keys: await server.getKeysForIdentifierUnauth(identifier, undefined, {
         accessKey,
       }),
     };
-  } catch (error) {
-    if (error.code === 401 || error.code === 403) {
+  } catch (error: unknown) {
+    if (
+      error instanceof Error &&
+      error.message.includes('untrusted identity')
+    ) {
+      throw new OutgoingIdentityKeyError(identifier);
+    }
+
+    if (
+      accessKey &&
+      isRecord(error) &&
+      typeof error.code === 'number' &&
+      (error.code === 401 || error.code === 403)
+    ) {
       return {
         accessKeyFailed: true,
         keys: await server.getKeysForIdentifier(identifier),