Skip to main content

Module errors

auth_framework

Module errors 

Source
Expand description

Error types and the crate-wide Result alias. Comprehensive error types for the AuthFramework.

This module defines all error types used throughout the authentication framework, providing detailed error information for debugging, logging, and user feedback. All errors implement standard Rust error traits and provide contextual information to help diagnose issues.

§Error Categories

  • Authentication Errors: Credential validation and method failures
  • Authorization Errors: Permission and access control failures
  • Token Errors: JWT creation, validation, and lifecycle issues
  • Configuration Errors: Setup and configuration problems
  • Storage Errors: Database and persistence layer issues
  • Network Errors: External service communication failures
  • Cryptographic Errors: Security operation failures

§Error Handling Patterns

The framework uses structured error handling with:

  • Contextual error messages with relevant details
  • Error chaining to preserve root cause information
  • Categorized errors for appropriate response handling
  • Security-safe error messages that don’t leak sensitive data

§Example Error Handling

use auth_framework::{AuthFramework, AuthError};
use auth_framework::authentication::credentials::Credential;
use auth_framework::authentication::CredentialMetadata;

match auth_framework.authenticate("password", credential).await {
    Ok(result) => handle_success(result),
    Err(AuthError::InvalidCredential { credential_type, message, .. }) => {
        log::warn!("Invalid {} credential: {}", credential_type, message);
        respond_with_auth_failure()
    },
    Err(AuthError::RateLimit { message, .. }) => {
        respond_with_rate_limit(None)
    },
    Err(e) => {
        log::error!("Authentication system error: {}", e);
        respond_with_system_error()
    }
}

§Security Considerations

Error messages are designed to:

  • Provide useful debugging information for developers
  • Avoid exposing sensitive information to potential attackers
  • Enable proper security monitoring and alerting
  • Support compliance requirements for audit logging

Enums§

AuthError
Comprehensive error type covering all authentication and authorization failures.
DeviceFlowError
Device Authorization Grant (RFC 8628) errors.
MfaError
Multi-factor authentication errors.
OAuthProviderError
OAuth 2.0 provider interaction errors.
PermissionError
Permission and access-control errors.
StorageError
Storage backend errors.
TokenError
Token-specific errors.

Type Aliases§

Result
Type alias for Results in the authentication framework.