Skip to main content

chio_envoy_ext_authz/
error.rs

1//! Error types for the Chio ext_authz adapter.
2
3use thiserror::Error;
4
5/// Errors produced while translating an Envoy `CheckRequest` into an Chio
6/// [`crate::translate::ToolCallRequest`].
7#[derive(Debug, Error, PartialEq, Eq)]
8pub enum TranslateError {
9    /// The `CheckRequest` did not carry an `AttributeContext`.
10    #[error("check request is missing the attributes field")]
11    MissingAttributes,
12
13    /// The attributes did not include a nested `Request`.
14    #[error("check request attributes are missing the request field")]
15    MissingRequest,
16
17    /// The request did not include an `HttpRequest` payload.
18    #[error("check request is missing the HTTP request field")]
19    MissingHttpRequest,
20
21    /// The HTTP method string was empty or unrecognised.
22    #[error("check request HTTP method is empty or invalid: {0:?}")]
23    InvalidHttpMethod(String),
24}
25
26/// Errors returned by the [`crate::EnvoyKernel`] abstraction. The adapter
27/// translates any error into a fail-closed `DeniedHttpResponse` with status
28/// `500 Internal Server Error`.
29#[derive(Debug, Error)]
30pub enum KernelError {
31    /// The kernel rejected the request with a terminal internal error.
32    #[error("kernel evaluation failed: {0}")]
33    Evaluation(String),
34}
35
36impl KernelError {
37    /// Construct an evaluation error from any displayable value.
38    pub fn evaluation(reason: impl std::fmt::Display) -> Self {
39        Self::Evaluation(reason.to_string())
40    }
41}