Function aliri_tower::util::forbidden

source · [−]

pub fn forbidden<Body: Default>(
    description: &str, 
    policy: Option<&ScopePolicy>
) -> Response<Body>

Expand description

Build a 403 Forbidden response with the appropriate www-authenticate header(s)

The description provided will be automatically escaped to make sure it is header-friendly.

When no policy is given, the prepared response will have the form:

HTTP/1.1 403 Forbidden
www-authenticate: Bearer error="insufficient_scopes" error_description="{description}"

If a policy is given, then a www-authenticate header will be added for each scope alternative allowed by the policy.

HTTP/1.1 403 Forbidden
www-authenticate: Bearer error="insufficient_scopes" error_description="{description}" scope="get_user"
www-authenticate: Bearer error="insufficient_scopes" error_description="{description}" scope="admin"

error_description is omitted if description is empty.