1use thiserror::Error;
2
3#[derive(Debug, Error)]
4pub enum AuthError {
5 #[error("Authentication required: missing or invalid token")]
6 Unauthenticated,
7
8 #[error("Forbidden: insufficient permissions")]
9 Forbidden,
10
11 #[error("Invalid token: {0}")]
12 InvalidToken(String),
13
14 #[error("Token validation failed: {0}")]
15 ValidationFailed(String),
16
17 #[error("JWKS fetch failed: {0}")]
18 JwksFetchFailed(String),
19
20 #[error("Issuer mismatch: expected {expected}, got {actual}")]
21 IssuerMismatch { expected: String, actual: String },
22
23 #[error("Audience mismatch: expected {expected:?}, got {actual:?}")]
24 AudienceMismatch {
25 expected: Vec<String>,
26 actual: Vec<String>,
27 },
28
29 #[error("Token expired")]
30 TokenExpired,
31
32 #[error("Internal error: {0}")]
33 Internal(String),
34}