oauth2-passkey 0.6.1

OAuth2 and Passkey authentication library for Rust web applications
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285

//! Error types for the libauth crate

use thiserror::Error;

use crate::oauth2::OAuth2Error;
use crate::passkey::PasskeyError;
use crate::session::SessionError;
use crate::userdb::UserError;
use crate::utils::UtilError;

/// Errors that can occur during authentication coordination
#[derive(Error, Debug)]
pub enum CoordinationError {
    /// General coordination error
    #[error("Coordination error: {0}")]
    Coordination(String),

    /// Validation error
    #[error("Validation error: {0}")]
    Validation(String),

    /// Internal error
    #[error("Internal error: {0}")]
    Internal(String),

    /// Database error
    #[error("Database error: {0}")]
    Database(String),

    /// Authentication error
    #[error("Authentication error: {0}")]
    Authentication(String),

    /// Session mismatch error - when user in session differs from user in context
    #[error("Session mismatch: {0}")]
    SessionMismatch(String),

    /// Missing context token error
    #[error("Context token is missing")]
    MissingContextToken,

    /// Unauthorized access error
    #[error("Unauthorized access")]
    Unauthorized,

    /// Unexpectedly authorized access error
    #[error("You are already authenticated")]
    UnexpectedlyAuthorized,

    /// No content error
    #[error("No content")]
    NoContent,

    /// Invalid mode
    #[error("Invalid mode")]
    InvalidMode,

    /// Conflict error
    #[error("Conflict: {0}")]
    Conflict(String),

    /// Invalid state error
    #[error("Invalid state: {0}")]
    InvalidState(String),

    /// Resource not found with context
    #[error("Resource not found: {resource_type} {resource_id}")]
    ResourceNotFound {
        /// The type of resource that wasn't found (e.g., "user", "credential", etc.)
        resource_type: String,
        /// The identifier of the resource that wasn't found
        resource_id: String,
    },

    /// Error from the user database operations
    #[error("User error: {0}")]
    UserError(UserError),

    /// Error from OAuth2 operations
    #[error("OAuth2 error: {0}")]
    OAuth2Error(OAuth2Error),

    /// Error from Passkey operations
    #[error("Passkey error: {0}")]
    PasskeyError(PasskeyError),

    /// Error from Session operations
    #[error("Session error: {0}")]
    SessionError(SessionError),

    /// Error from utils operations
    #[error("Utils error: {0}")]
    UtilsError(UtilError),

    /// Invalid response mode
    #[error("Invalid response mode: {0}")]
    InvalidResponseMode(String),
}

impl CoordinationError {
    /// Log the error and return self
    ///
    /// This method logs the error with appropriate context and returns self,
    /// allowing for method chaining and explicit logging when needed.
    ///
    pub fn log(self) -> Self {
        match &self {
            Self::Coordination(msg) => tracing::error!("Coordination error: {}", msg),
            Self::Validation(msg) => tracing::error!("Validation error: {}", msg),
            Self::Internal(msg) => tracing::error!("Internal error: {}", msg),
            Self::Database(msg) => tracing::error!("Database error: {}", msg),
            Self::Authentication(msg) => tracing::error!("Authentication error: {}", msg),
            Self::SessionMismatch(msg) => tracing::error!("Session mismatch: {}", msg),
            Self::MissingContextToken => tracing::error!("Context token is missing"),
            Self::Unauthorized => tracing::error!("Unauthorized access"),
            Self::UnexpectedlyAuthorized => tracing::error!("Unexpectedly authorized access"),
            Self::NoContent => tracing::error!("No content"),
            Self::InvalidMode => tracing::error!("Invalid mode"),
            Self::Conflict(message) => tracing::error!("Conflict: {}", message),
            Self::InvalidState(message) => tracing::error!("Invalid state: {}", message),
            Self::ResourceNotFound {
                resource_type,
                resource_id,
            } => tracing::error!("Resource not found: {} {}", resource_type, resource_id),
            Self::UserError(err) => tracing::error!("User error: {}", err),
            Self::OAuth2Error(err) => tracing::error!("OAuth2 error: {}", err),
            Self::PasskeyError(err) => tracing::error!("Passkey error: {}", err),
            Self::SessionError(err) => tracing::error!("Session error: {}", err),
            Self::UtilsError(err) => tracing::error!("Utils error: {}", err),
            Self::InvalidResponseMode(message) => {
                tracing::error!("Invalid response mode: {}", message)
            }
        }
        self
    }

    /// Log the error with enhanced context including spans and return self
    ///
    /// This method provides structured error logging with additional context
    /// from the current tracing span, making debugging easier in production.
    pub fn log_with_context(self) -> Self {
        match &self {
            Self::Coordination(msg) => {
                tracing::error!(error = %self, message = %msg, "Coordination error with context");
            }
            Self::Validation(msg) => {
                tracing::error!(error = %self, message = %msg, "Validation error with context");
            }
            Self::Internal(msg) => {
                tracing::error!(error = %self, message = %msg, "Internal error with context");
            }
            Self::Database(msg) => {
                tracing::error!(error = %self, message = %msg, "Database error with context");
            }
            Self::Authentication(msg) => {
                tracing::error!(error = %self, message = %msg, "Authentication error with context");
            }
            Self::SessionMismatch(msg) => {
                tracing::error!(error = %self, message = %msg, "Session mismatch with context");
            }
            Self::MissingContextToken => {
                tracing::error!(error = %self, "Context token missing with span context");
            }
            Self::Unauthorized => {
                tracing::error!(error = %self, "Unauthorized access with span context");
            }
            Self::UnexpectedlyAuthorized => {
                tracing::error!(error = %self, "Unexpectedly authorized with span context");
            }
            Self::NoContent => {
                tracing::error!(error = %self, "No content with span context");
            }
            Self::InvalidMode => {
                tracing::error!(error = %self, "Invalid mode with span context");
            }
            Self::InvalidState(msg) => {
                tracing::error!(error = %self, message = %msg, "Invalid state with context");
            }
            Self::Conflict(msg) => {
                tracing::error!(error = %self, message = %msg, "Conflict with context");
            }
            Self::ResourceNotFound {
                resource_type,
                resource_id,
            } => {
                tracing::error!(
                    error = %self,
                    resource_type = %resource_type,
                    resource_id = %resource_id,
                    "Resource not found with context"
                );
            }
            // For wrapped errors, include the source error context
            Self::UserError(err) => {
                tracing::error!(error = %self, source_error = %err, "User error with context");
            }
            Self::OAuth2Error(err) => {
                tracing::error!(error = %self, source_error = %err, "OAuth2 error with context");
            }
            Self::PasskeyError(err) => {
                tracing::error!(error = %self, source_error = %err, "Passkey error with context");
            }
            Self::SessionError(err) => {
                tracing::error!(error = %self, source_error = %err, "Session error with context");
            }
            Self::UtilsError(err) => {
                tracing::error!(error = %self, source_error = %err, "Utils error with context");
            }
            Self::InvalidResponseMode(msg) => {
                tracing::error!(error = %self, message = %msg, "Invalid response mode with context");
            }
        }
        self
    }

    /// Create error with full debugging context including backtraces
    ///
    /// This method captures the current span context and any available
    /// error backtrace information for comprehensive error debugging.
    pub fn with_span_context(self) -> Self {
        // If tracing-error is properly configured, this will include span context
        if tracing::log::log_enabled!(tracing::log::Level::Error) {
            let span_name = tracing::Span::current()
                .metadata()
                .map(|m| m.name())
                .unwrap_or("unknown");
            tracing::error!(
                error = %self,
                span_context = span_name,
                "Error with full span context captured"
            );
        } else {
            tracing::error!(
                error = %self,
                "Error captured without span context"
            );
        }
        self
    }
}

// Custom From implementations that automatically log errors

impl From<OAuth2Error> for CoordinationError {
    fn from(err: OAuth2Error) -> Self {
        let error = Self::OAuth2Error(err);
        tracing::error!("{}", error);
        error
    }
}

impl From<PasskeyError> for CoordinationError {
    fn from(err: PasskeyError) -> Self {
        let error = Self::PasskeyError(err);
        tracing::error!("{}", error);
        error
    }
}

impl From<SessionError> for CoordinationError {
    fn from(err: SessionError) -> Self {
        let error = Self::SessionError(err);
        tracing::error!("{}", error);
        error
    }
}

impl From<UserError> for CoordinationError {
    fn from(err: UserError) -> Self {
        let error = Self::UserError(err);
        tracing::error!("{}", error);
        error
    }
}

impl From<UtilError> for CoordinationError {
    fn from(err: UtilError) -> Self {
        let error = Self::UtilsError(err);
        tracing::error!("{}", error);
        error
    }
}

#[cfg(test)]
mod tests;