1use axum::{
2 response::{IntoResponse, Response},
3 Json,
4};
5use axum_extra::typed_header::TypedHeaderRejection;
6use http::StatusCode;
7use serde_json::json;
8
9#[non_exhaustive]
10#[derive(thiserror::Error, Debug)]
11pub enum Error {
12 #[error("missing kid in token header")]
13 MissingKid,
14 #[error("token header contains invalid kid")]
15 InvalidKid,
16 #[error(transparent)]
17 InvalidAuthorizationHeader(#[from] TypedHeaderRejection),
18 #[error("failed to decode JWK into key")]
19 InvalidJwk(#[source] jsonwebtoken::errors::Error),
20 #[error("JWT validation failed")]
21 InvalidJwt(#[source] jsonwebtoken::errors::Error),
22 #[error("failed to fetch JWK set")]
23 FailedJwkSetRequest(#[from] reqwest::Error),
24 #[error("received error response when fetching JWK set: {status_code}")]
25 JwkSetRequestErrorResponse { status_code: StatusCode },
26}
27
28impl IntoResponse for Error {
29 fn into_response(self) -> Response {
30 let body = Json(json!({
31 "error": self.to_string(),
32 }));
33 (StatusCode::UNAUTHORIZED, body).into_response()
34 }
35}