idprova-middleware 0.1.1

IDProva Middleware — Tower/Axum layer for DAT bearer token verification
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41

use axum::{
    http::StatusCode,
    response::{IntoResponse, Json, Response},
};
use serde_json::json;

/// Errors from DAT middleware verification.
#[derive(Debug)]
pub enum DatMiddlewareError {
    /// 401 — missing, empty, or invalid token.
    Unauthorized(String),
    /// 403 — valid token but insufficient scope.
    Forbidden(String),
}

impl DatMiddlewareError {
    pub fn unauthorized(msg: impl Into<String>) -> Self {
        Self::Unauthorized(msg.into())
    }

    pub fn forbidden(msg: impl Into<String>) -> Self {
        Self::Forbidden(msg.into())
    }
}

impl IntoResponse for DatMiddlewareError {
    fn into_response(self) -> Response {
        match self {
            Self::Unauthorized(msg) => (
                StatusCode::UNAUTHORIZED,
                Json(json!({ "error": msg, "code": "unauthorized" })),
            )
                .into_response(),
            Self::Forbidden(msg) => (
                StatusCode::FORBIDDEN,
                Json(json!({ "error": msg, "code": "forbidden" })),
            )
                .into_response(),
        }
    }
}