authly_client/
error.rs

1use crate::{IDENTITY_PATH, K8S_SA_TOKENFILE_PATH, LOCAL_CA_CERT_PATH};
2
/// Errors that can happen either during client configuration or while communicating over the network.
///
/// The enum is `#[non_exhaustive]`, so code outside this crate that matches on it needs a
/// wildcard arm. The `Display` text of the variants wrapping an `anyhow::Error` embeds the
/// wrapped error's own message through `{0}`.
// NOTE(review): because the wrapped message is printed verbatim, confirm what upstream error
// text can contain before forwarding these `Display` strings to a remote peer.
#[derive(thiserror::Error, Debug)]
#[non_exhaustive]
pub enum Error {
    /// Generating a private key failed.
    #[error("private key gen error")]
    PrivateKeyGen,

    /// No Authly CA exists at the standard location, `LOCAL_CA_CERT_PATH`; the message
    /// names that path.
    #[error("Authly CA does not exist at {LOCAL_CA_CERT_PATH}")]
    AuthlyCAmissingInEtc,

    /// A problem with the Authly Certificate Authority, described by a static message.
    #[error("Authly CA error: {0}")]
    AuthlyCA(&'static str),

    /// A problem with the client identity, described by a static message.
    #[error("identity error: {0}")]
    Identity(&'static str),

    /// A problem with TLS infrastructure, described by a static message.
    #[error("tls problem: {0}")]
    Tls(&'static str),

    /// Automatic environment inference did not work: per the message, neither
    /// `IDENTITY_PATH` nor `K8S_SA_TOKENFILE_PATH` exists.
    #[error(
        "environment not inferrable: Neither {IDENTITY_PATH} or {K8S_SA_TOKENFILE_PATH} exists"
    )]
    EnvironmentNotInferrable,

    /// Invalid X509 alternative names.
    // NOTE(review): the previous doc text spoke of the Common Name of a certificate signing
    // request while the message says "alt names" — confirm which field is actually validated.
    #[error("invalid X509 alt names")]
    InvalidAltNames,

    /// A party was not authenticated or an operation was forbidden.
    ///
    /// One variant covers both cases; the wrapped error carries whatever detail the source
    /// provided.
    #[error("unauthorized: {0}")]
    Unauthorized(anyhow::Error),

    /// A network problem.
    #[error("network error: {0}")]
    Network(anyhow::Error),

    /// An access token problem.
    #[error("invalid access token: {0}")]
    InvalidAccessToken(anyhow::Error),

    /// A codec problem, usually related to network protocols.
    #[error("encoding error: {0}")]
    Codec(anyhow::Error),

    /// Invalid namespace/property/attribute label.
    #[error("invalid namespace/property/attribute label")]
    InvalidPropertyAttributeLabel,

    /// Access control enforcement has resulted in "deny".
    // NOTE(review): presumably a policy decision rather than a failed authentication
    // (compare `Unauthorized`) — confirm against the call sites.
    #[error("access denied")]
    AccessDenied,

    /// Any other error that has no dedicated variant.
    #[error("unclassified error: {0}")]
    Unclassified(anyhow::Error),
}
65
/// Wraps an arbitrary error in the catch-all [`Error::Unclassified`] variant.
///
/// The source error is converted into an `anyhow::Error`, so it stays available to callers
/// that inspect the wrapped value.
pub(crate) fn unclassified(err: impl std::error::Error + Send + Sync + 'static) -> Error {
    let source: anyhow::Error = err.into();
    Error::Unclassified(source)
}
69
/// Classifies a gRPC status returned by `tonic` into a client [`Error`].
///
/// `Unauthenticated` and `PermissionDenied` both become [`Error::Unauthorized`]; every other
/// status code becomes [`Error::Network`]. The status itself is kept as the wrapped error, so
/// the original code is not lost even though the variant merges the two authorization cases.
pub(crate) fn tonic(err: tonic::Status) -> Error {
    let is_auth_failure = matches!(
        err.code(),
        tonic::Code::Unauthenticated | tonic::Code::PermissionDenied
    );

    if is_auth_failure {
        Error::Unauthorized(err.into())
    } else {
        // Catch-all: any code that is not an authorization failure is reported as a network error.
        Error::Network(err.into())
    }
}
77
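/// Wraps a transport-level failure in [`Error::Network`].
///
/// This helper previously built [`Error::Unauthorized`], which made connectivity failures
/// indistinguishable from authentication or authorization failures. Callers that branch on
/// the variant, and logs or alerts keyed on it, would then treat an outage as denied access.
pub(crate) fn network(err: impl std::error::Error + Send + Sync + 'static) -> Error {
    // Keep the variant in line with the helper's name and the "network error: {0}" message.
    Error::Network(anyhow::Error::from(err))
}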
81
/// Wraps an error in [`Error::Unauthorized`], the variant for a party that was not
/// authenticated or an operation that was forbidden.
pub(crate) fn unauthorized(err: impl std::error::Error + Send + Sync + 'static) -> Error {
    let source = anyhow::Error::new(err);
    Error::Unauthorized(source)
}