use snafu::Snafu;
#[derive(Debug, Snafu)]
#[snafu(visibility(pub(super)))]
#[non_exhaustive]
pub enum CompleteError {
#[snafu(display("Issuer mismatch: original = {}, callback = {}", original, callback))]
IssuerMismatch {
original: String,
callback: String,
},
#[snafu(display("State mismatch between original request and callback"))]
StateMismatch,
#[snafu(display(
"Authorization server claims to support issuer identification but no issuer returned."
))]
MissingIssuer,
#[snafu(display(
"ID token received but grant has no JWS verifier configured; \
call `.jws_verifier_factory(...)` on the builder to enable ID token validation"
))]
IdTokenVerifierNotConfigured,
#[snafu(display(
"ID token received but grant has no issuer configured; provide an issuer via server metadata or builder"
))]
IdTokenIssuerNotConfigured,
}
#[derive(Debug, Snafu)]
#[snafu(visibility(pub(super)))]
#[non_exhaustive]
pub enum BuildError {
#[snafu(display(
"jws_verifier_factory was set but no JWS verifier platform is configured; \
enable the `default-jws-verifier-platform` feature or call \
`.jws_verifier_platform(...)` on the builder"
))]
MissingJwsVerifierPlatform,
#[snafu(display(
"require_pushed_authorization_requests is set but no \
pushed_authorization_request_endpoint is configured; supply the endpoint \
or unset the requirement — proceeding would silently downgrade required \
PAR (RFC 9126 §5) to a plain authorization request"
))]
RequiredParEndpointMissing,
}