Enum AuthError 

#[non_exhaustive]
pub enum AuthError {
    InvalidToken { reason: String },
    TokenExpired,
    InvalidSignature,
    MissingClaim { claim: String },
    InvalidClaimValue { claim: String, reason: String },
    OAuthError { message: String },
    SessionError { message: String },
    DatabaseError { message: String },
    ConfigError { message: String },
    OidcMetadataError { message: String },
    PkceError { message: String },
    InvalidState,
    TokenNotFound,
    SessionRevoked,
    Forbidden { message: String },
    Internal { message: String },
    SystemTimeError { message: String },
    RateLimited { retry_after_secs: u64 },
    MissingNonce,
    NonceMismatch,
    MissingAuthTime,
    SessionTooOld { age: i64, max_age_secs: u64 },
}

All errors that can arise in the authentication and authorization layer.

Each variant maps to an appropriate HTTP status code via the axum::response::IntoResponse implementation in middleware.rs. Internal details are never forwarded to API clients — the IntoResponse impl always returns a generic user-facing message and logs the internal reason via tracing::warn!.
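
The sanitizing pattern described above, as an added std-only sketch (not the crate's middleware.rs). The status codes, message strings and the names ClientResponse and sanitize are assumptions; only the variant names and the forwarding rules come from this page.

```rust
// Added illustration: a local subset of AuthError, not the crate's source.
#[derive(Debug, Clone)]
#[allow(dead_code)]
pub enum AuthError {
    InvalidToken { reason: String },
    TokenExpired,
    DatabaseError { message: String },
    Forbidden { message: String },
    RateLimited { retry_after_secs: u64 },
}

/// Everything a client may see. `body` is `&'static str`, so a runtime
/// `reason`/`message` String cannot be interpolated into it by accident.
#[derive(Debug, PartialEq)]
pub struct ClientResponse {
    pub status: u16,
    pub body: &'static str,
    pub retry_after: Option<u64>,
}

/// Returns the sanitized response and the line meant for the server log.
/// Status codes and wording are assumptions, not the crate's real mapping.
pub fn sanitize(err: &AuthError) -> (ClientResponse, String) {
    let (status, body, retry_after) = match err {
        AuthError::InvalidToken { .. } | AuthError::TokenExpired => {
            (401, "authentication failed", None)
        }
        AuthError::Forbidden { .. } => (403, "forbidden", None),
        // The retry window is a field the page marks as safe to forward.
        AuthError::RateLimited { retry_after_secs } => {
            (429, "too many requests", Some(*retry_after_secs))
        }
        // Fail closed: remaining and future variants become an opaque 500.
        _ => (500, "internal error", None),
    };
    // Full detail stays server-side (the page says the crate uses tracing::warn!).
    let log_line = format!("auth error: {:?}", err);
    (ClientResponse { status, body, retry_after }, log_line)
}

fn main() {
    // Constructed sample error; the hostname is made up.
    let err = AuthError::DatabaseError { message: "pool timeout at db.internal.example:5432".into() };
    let (resp, log) = sanitize(&err);
    println!("client: {:?}\nserver: {}", resp, log);
}
```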

Variants (Non-exhaustive)

This enum is marked as non-exhaustive. Non-exhaustive enums could have additional variants added in future. Therefore, when matching against variants of non-exhaustive enums, an extra wildcard arm must be added to account for any future variants.

InvalidToken

A supplied token could not be parsed or validated. The reason field contains internal diagnostic detail and must not be sent to API clients.

Fields

reason: String

Internal description of why the token is invalid (not forwarded to callers).

TokenExpired

The token’s exp claim is in the past.

InvalidSignature

The token’s cryptographic signature did not verify against the expected key.

MissingClaim

A required JWT claim (sub, iss, aud, etc.) was absent from the token.

Fields

claim: String

Name of the missing claim (e.g., "sub", "aud").

InvalidClaimValue

A claim was present but its value did not satisfy the validator’s constraints.

Fields

claim: String

Name of the claim that failed validation.

reason: String

Internal description of the validation failure (not forwarded to callers).

OAuthError

An error was returned by the upstream OAuth provider (e.g., during code exchange). The message field must not be forwarded to API clients — it may contain provider-internal URLs, error codes, or rate-limit state.

Fields

message: String

Provider-internal error message (not forwarded to callers).

SessionError

A session-store operation failed (creation, lookup, or revocation).

Fields

message: String

Internal session error details (not forwarded to callers).

DatabaseError

A database operation within the auth layer failed. Must never be forwarded to API clients — the message may reveal connection strings, query structure, or infrastructure topology.

Fields

message: String

Internal database error message (not forwarded to callers).

ConfigError

The auth subsystem was misconfigured or a required configuration value was missing. Must never be forwarded to API clients — the message may reveal file paths, environment variable names, or key material.

Fields

message: String

Internal configuration error details (not forwarded to callers).

OidcMetadataError

Fetching or parsing the OIDC discovery document failed.

Fields

message: String

Internal metadata fetch error details (not forwarded to callers).

PkceError

A PKCE (Proof Key for Code Exchange, RFC 7636) operation failed.

Fields

message: String

Internal PKCE error details (not forwarded to callers).

InvalidState

The OAuth state parameter did not match any stored CSRF token. This may indicate a replay attack or an expired authorization flow.

TokenNotFound

No Authorization: Bearer <token> header was present in the request.

SessionRevoked

The session associated with a refresh token has been explicitly revoked.

Forbidden

The authenticated user lacks the required permission for the requested operation. The message field contains the specific permission check detail and must not be forwarded to API clients in full (it reveals internal role/permission names).

Fields

message: String

Internal permission check details (not forwarded to callers).

Internal

An unexpected internal error occurred. Must never be forwarded to API clients.

Fields

message: String

Internal error details (not forwarded to callers).

SystemTimeError

The system clock returned an unexpected value during a time-sensitive operation. This typically indicates a misconfigured system clock or clock rollback.

Fields

message: String

Internal system time error details (not forwarded to callers).

RateLimited

The client exceeded the configured rate limit for this endpoint. Unlike most other variants, the retry window is safe to forward to clients.

Fields

retry_after_secs: u64

How many seconds the client must wait before retrying.

MissingNonce

The OIDC ID token is missing the required nonce claim.

Returned when an expected nonce was provided for comparison but the token does not carry a nonce claim. May indicate a misconfigured provider or a token replay attempt using a stripped token. See RFC 6749 §10.12 / OpenID Connect Core §3.1.3.7.

NonceMismatch

The nonce claim in the ID token does not match the expected value.

Indicates a possible token replay or session fixation attack. See RFC 6749 §10.12 / OpenID Connect Core §3.1.3.7.

MissingAuthTime

The OIDC ID token is missing the auth_time claim when max_age was requested.

When max_age is sent in the authorization request, the provider MUST include auth_time in the ID token. Its absence indicates a non-conformant provider. See OpenID Connect Core §3.1.3.7.

SessionTooOld

The session authentication time exceeds the allowed max_age.

The provider authenticated the user too long ago for this request’s max_age constraint. The user must re-authenticate to obtain a fresh session. See OpenID Connect Core §3.1.3.7.

Fields

age: i64

How many seconds ago the session was authenticated.

max_age_secs: u64

Maximum allowed authentication age in seconds (from the authorization request).
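
The nonce and max_age checks behind the last four variants, as an added std-only sketch rather than the crate's own validator. IdClaims, check_replay_claims and ct_eq are hypothetical names, and rejecting a future auth_time as InvalidClaimValue is an assumption of the example.

```rust
// Added illustration: a local subset of AuthError, not the crate's source.
#[derive(Debug, Clone, PartialEq)]
pub enum AuthError {
    InvalidClaimValue { claim: String, reason: String },
    MissingNonce,
    NonceMismatch,
    MissingAuthTime,
    SessionTooOld { age: i64, max_age_secs: u64 },
}

/// Hypothetical claims struct; the token signature is assumed already verified.
pub struct IdClaims {
    pub nonce: Option<String>,
    pub auth_time: Option<i64>, // seconds since the Unix epoch
}

/// Compares all bytes without an early exit once the lengths match.
fn ct_eq(a: &[u8], b: &[u8]) -> bool {
    a.len() == b.len() && a.iter().zip(b).fold(0u8, |acc, (x, y)| acc | (x ^ y)) == 0
}

pub fn check_replay_claims(claims: &IdClaims, expected_nonce: Option<&str>,
                           max_age_secs: Option<u64>, now: i64) -> Result<(), AuthError> {
    if let Some(expected) = expected_nonce {
        // A token with the nonce stripped must not pass as "nothing to compare".
        let got = claims.nonce.as_deref().ok_or(AuthError::MissingNonce)?;
        if !ct_eq(got.as_bytes(), expected.as_bytes()) {
            return Err(AuthError::NonceMismatch);
        }
    }
    if let Some(max) = max_age_secs {
        let auth_time = claims.auth_time.ok_or(AuthError::MissingAuthTime)?;
        let age = now.saturating_sub(auth_time);
        if age < 0 {
            // Assumption of this sketch: a future auth_time is a bad claim value.
            let reason = format!("auth_time is {}s in the future", age.unsigned_abs());
            return Err(AuthError::InvalidClaimValue { claim: "auth_time".into(), reason });
        }
        if (age as u64) > max {
            return Err(AuthError::SessionTooOld { age, max_age_secs: max });
        }
    }
    Ok(())
}

fn main() {
    let claims = IdClaims { nonce: Some("n-1".into()), auth_time: Some(1_000) }; // constructed
    println!("{:?}", check_replay_claims(&claims, Some("n-1"), Some(300), 1_301));
}
```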

Trait Implementations

impl Clone for AuthError

fn clone(&self) -> AuthError

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for AuthError

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Display for AuthError

fn fmt(&self, __formatter: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Error for AuthError

fn source(&self) -> Option<&(dyn Error + 'static)>

Returns the lower-level source of this error, if any.

fn description(&self) -> &str

👎 Deprecated since 1.42.0: use the Display impl or to_string()

fn cause(&self) -> Option<&dyn Error>

👎 Deprecated since 1.33.0: replaced by Error::source, which can support downcasting

fn provide<'a>(&'a self, request: &mut Request<'a>)

🔬 This is a nightly-only experimental API. (error_generic_member_access)
Provides type-based access to context intended for error reports.

impl IntoResponse for AuthError

fn into_response(self) -> Response

Create a response.

Auto Trait Implementations

Blanket Implementations

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self.

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value.

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value.

impl<T> CloneToUninit for T
where T: Clone,

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬 This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest.

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T> FromRef<T> for T
where T: Clone,

fn from_ref(input: &T) -> T

Converts to this type from a reference to the input type.

impl<T, S> Handler<IntoResponseHandler, S> for T
where T: IntoResponse + Clone + Send + Sync + 'static,

type Future = Ready<Response<Body>>

The type of future calling this handler returns.

fn call(self, _req: Request<Body>, _state: S) -> <T as Handler<IntoResponseHandler, S>>::Future

Call the handler with the given request.

fn layer<L>(self, layer: L) -> Layered<L, Self, T, S>
where L: Layer<HandlerService<Self, T, S>> + Clone, <L as Layer<HandlerService<Self, T, S>>>::Service: Service<Request<Body>>,

Apply a tower::Layer to the handler.

fn with_state(self, state: S) -> HandlerService<Self, T, S>

Convert the handler into a Service by providing the state

impl<H, T> HandlerWithoutStateExt<T> for H
where H: Handler<T, ()>,

fn into_service(self) -> HandlerService<H, T, ()>

Convert the handler into a Service and no state.

fn into_make_service(self) -> IntoMakeService<HandlerService<H, T, ()>>

Convert the handler into a MakeService and no state.

fn into_make_service_with_connect_info<C>(self) -> IntoMakeServiceWithConnectInfo<HandlerService<H, T, ()>, C>

Convert the handler into a MakeService which stores information about the incoming connection and has no state.

impl<T> Instrument for T

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper.

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper.

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T> IntoEither for T

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise.

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise.

impl<T> PolicyExt for T
where T: ?Sized,

fn and<P, B, E>(self, other: P) -> And<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow only if self and other return Action::Follow.

fn or<P, B, E>(self, other: P) -> Or<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow if either self or other returns Action::Follow.

impl<T> Same for T

type Output = T

Should always be Self

impl<E> Sanitize for E
where E: Display,

fn sanitized(self, user_message: &str) -> SanitizedError

Convert to a sanitized error

impl<T> ToOwned for T
where T: Clone,

type Owned = T

The resulting type after obtaining ownership.

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning.

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning.

impl<T> ToString for T
where T: Display + ?Sized,

fn to_string(&self) -> String

Converts the given value to a String.

impl<T> ToStringFallible for T
where T: Display,

fn try_to_string(&self) -> Result<String, TryReserveError>

ToString::to_string, but without panic on OOM.

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

fn vzip(self) -> V

impl<T> WithSubscriber for T

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper.

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper.

impl<A, B, T> HttpServerConnExec<A, B> for T
where B: Body,