huskarl 0.9.1

A modern OAuth2 client library.
Documentation
use snafu::Snafu;

/// Source vocabulary for authorization-code completion failures.
///
/// Carried as the source of [`ErrorKind::Protocol`](crate::core::ErrorKind::Protocol)
/// errors returned by
/// [`complete`](super::AuthorizationCodeGrant::complete) /
/// [`complete_oidc`](super::AuthorizationCodeGrant::complete_oidc) — match on
/// the error kind rather than downcasting to this type.
#[derive(Debug, Snafu)]
#[snafu(visibility(pub(super)))]
#[non_exhaustive]
pub enum CompleteError {
    /// There was a mismatch between the required and returned issuer values.
    #[snafu(display("Issuer mismatch: original = {}, callback = {}", original, callback))]
    IssuerMismatch {
        /// The required issuer value.
        original: String,
        /// The issuer value returned to the callback.
        callback: String,
    },
    /// There was a mismatch between the required and returned state values.
    #[snafu(display("State mismatch between original request and callback"))]
    StateMismatch,
    /// The authorization server claimed to support issuer identification but no issuer was returned.
    #[snafu(display(
        "Authorization server claims to support issuer identification but no issuer returned."
    ))]
    MissingIssuer,
    /// The token response included an ID token but no JWS verifier was configured on the grant.
    #[snafu(display(
        "ID token received but grant has no JWS verifier configured; \
         call `.jws_verifier_factory(...)` on the builder to enable ID token validation"
    ))]
    IdTokenVerifierNotConfigured,
    /// The token response included an ID token but no issuer was configured on the grant.
    #[snafu(display(
        "ID token received but grant has no issuer configured; provide an issuer via server metadata or builder"
    ))]
    IdTokenIssuerNotConfigured,
}

/// An error that occurs when building an [`AuthorizationCodeGrant`](super::AuthorizationCodeGrant).
///
/// Carried as the source of [`ErrorKind::Config`](crate::core::ErrorKind::Config)
/// errors returned by the grant builder.
#[derive(Debug, Snafu)]
#[snafu(visibility(pub(super)))]
#[non_exhaustive]
pub enum BuildError {
    /// A JWS verifier factory was provided but no verifier platform is available.
    #[snafu(display(
        "jws_verifier_factory was set but no JWS verifier platform is configured; \
         enable the `default-jws-verifier-platform` feature or call \
         `.jws_verifier_platform(...)` on the builder"
    ))]
    MissingJwsVerifierPlatform,
    /// PAR is required but no PAR endpoint is configured.
    #[snafu(display(
        "require_pushed_authorization_requests is set but no \
         pushed_authorization_request_endpoint is configured; supply the endpoint \
         or unset the requirement — proceeding would silently downgrade required \
         PAR (RFC 9126 §5) to a plain authorization request"
    ))]
    RequiredParEndpointMissing,
}