1use thiserror::Error;
4
5pub type Result<T> = std::result::Result<T, AuthError>;
7
8#[derive(Debug, Error)]
10pub enum AuthError {
11 #[error("OAuth2 error: {0}")]
13 OAuth2Error(String),
14
15 #[error("token validation failed: {0}")]
17 TokenValidationFailed(String),
18
19 #[error("token expired")]
21 TokenExpired,
22
23 #[error("token refresh failed: {0}")]
25 TokenRefreshFailed(String),
26
27 #[error("invalid state parameter")]
29 InvalidState,
30
31 #[error("invalid nonce")]
33 InvalidNonce,
34
35 #[error("provider not configured: {0}")]
37 ProviderNotConfigured(String),
38
39 #[error("OIDC discovery failed: {0}")]
41 DiscoveryFailed(String),
42
43 #[error("domain not allowed: {0}")]
45 UnauthorizedDomain(String),
46
47 #[error("user not in required group")]
49 NotInRequiredGroup,
50
51 #[error("user account is disabled")]
53 UserDisabled,
54
55 #[error("auth session not found")]
57 SessionNotFound,
58
59 #[error("auth session expired")]
61 SessionExpired,
62
63 #[error("authorization pending")]
65 AuthorizationPending,
66
67 #[error("device authorization expired")]
69 DeviceAuthExpired,
70
71 #[error("HTTP error: {0}")]
73 HttpError(String),
74
75 #[error("serialization error: {0}")]
77 SerializationError(String),
78
79 #[error("configuration error: {0}")]
81 ConfigError(String),
82}
83
84impl From<reqwest::Error> for AuthError {
85 fn from(err: reqwest::Error) -> Self {
86 AuthError::HttpError(err.to_string())
87 }
88}
89
90impl From<serde_json::Error> for AuthError {
91 fn from(err: serde_json::Error) -> Self {
92 AuthError::SerializationError(err.to_string())
93 }
94}