Skip to main content

mssql_auth/
error.rs

1//! Authentication error types.
2
3use thiserror::Error;
4
5/// Errors that can occur during authentication.
6#[derive(Debug, Error)]
7#[non_exhaustive]
8pub enum AuthError {
9    /// Invalid credentials provided.
10    #[error("invalid credentials: {0}")]
11    InvalidCredentials(String),
12
13    /// Authentication failed on server.
14    #[error("authentication failed: {0}")]
15    AuthenticationFailed(String),
16
17    /// Token expired or invalid.
18    #[error("token expired or invalid")]
19    TokenExpired,
20
21    /// Token acquisition failed.
22    #[error("failed to acquire token: {0}")]
23    TokenAcquisition(String),
24
25    /// Unsupported authentication method.
26    #[error("unsupported authentication method: {0}")]
27    UnsupportedMethod(String),
28
29    /// SSPI/GSSAPI error.
30    #[error("SSPI error: {0}")]
31    Sspi(String),
32
33    /// Certificate error.
34    #[error("certificate error: {0}")]
35    Certificate(String),
36
37    /// Network error during authentication.
38    #[error("network error: {0}")]
39    Network(String),
40
41    /// Configuration error.
42    #[error("configuration error: {0}")]
43    Configuration(String),
44
45    /// Azure identity error.
46    #[error("Azure identity error: {0}")]
47    AzureIdentity(String),
48}
49
50impl AuthError {
51    /// Check if this error is transient and may succeed on retry.
52    ///
53    /// Network errors, token acquisition failures (may be temporary service
54    /// issues), and Azure identity errors are potentially transient. Invalid
55    /// credentials and unsupported methods are terminal.
56    #[must_use]
57    pub fn is_transient(&self) -> bool {
58        matches!(
59            self,
60            Self::Network(_) | Self::TokenAcquisition(_) | Self::AzureIdentity(_)
61        )
62    }
63
64    /// Check if this error is terminal and will never succeed on retry.
65    ///
66    /// Invalid credentials, unsupported methods, certificate errors, and
67    /// configuration errors are permanent.
68    #[must_use]
69    pub fn is_terminal(&self) -> bool {
70        matches!(
71            self,
72            Self::InvalidCredentials(_)
73                | Self::UnsupportedMethod(_)
74                | Self::Certificate(_)
75                | Self::Configuration(_)
76        )
77    }
78}