huskarl-resource-server 0.2.0

OAuth2 resource server (JWT validation) support for the huskarl ecosystem.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64

//! Error types for token introspection validation.

use snafu::prelude::*;

use crate::{
    TokenType,
    error::{ToRfc6750Error, TokenValidationError},
    introspection::IntrospectionCallError,
    validator::error::TokenBindingError,
    validator::extract::TokenExtractError,
};

/// Error returned by [`super::IntrospectionValidator::validate_request`].
#[derive(Debug, Snafu)]
#[snafu(visibility(pub(super)))]
pub enum IntrospectionValidateError<
    AuthErr: crate::core::Error,
    HttpErr: crate::core::Error,
    HttpRespErr: crate::core::Error,
> {
    /// Failed to extract the access token from the request headers.
    #[snafu(display("Token presentation error"))]
    Extract { source: TokenExtractError },
    /// Sender-constraint binding check failed.
    #[snafu(display("Token binding error"))]
    Binding {
        token_type: TokenType,
        source: TokenBindingError,
    },
    /// The introspection call failed.
    #[snafu(display("Introspection call error"))]
    Call {
        token_type: TokenType,
        source: IntrospectionCallError<AuthErr, HttpErr, HttpRespErr>,
    },
}

impl<AuthErr: crate::core::Error, HttpErr: crate::core::Error, HttpRespErr: crate::core::Error>
    ToRfc6750Error for IntrospectionValidateError<AuthErr, HttpErr, HttpRespErr>
{
    fn attempted_scheme(&self) -> Option<TokenType> {
        match self {
            Self::Extract { source } => source.attempted_scheme(),
            Self::Binding { token_type, .. } => Some(*token_type),
            Self::Call { token_type, .. } => Some(*token_type),
        }
    }

    fn token_error(&self) -> TokenValidationError {
        match self {
            Self::Extract { source } => source.token_error(),
            Self::Binding { source, .. } => source.token_error(),
            Self::Call { source, .. } => source.token_error(),
        }
    }

    fn error_description(&self) -> Option<String> {
        match self {
            Self::Extract { source } => source.error_description(),
            Self::Binding { source, .. } => source.error_description(),
            Self::Call { source, .. } => source.error_description(),
        }
    }
}