Skip to main content

IssueError

ppoppo_token::id_token

Enum IssueError 

Source 
pub enum IssueError {
    KeyMismatch {
        cfg_kid: String,
        signer_kid: String,
    },
    JsonEncode(String),
    ClockBackwards,
    EmissionDisallowed(String),
}
Expand description

id_token-specific issuance failure modes (Phase 10.10).

Variants§

§

KeyMismatch

IssueConfig.kid does not match the kid associated with the supplied SigningKey. Emitted before any encoding work happens so a misconfigured pipeline fails closed instead of issuing id_tokens against an unrecognized kid. Mirrors access_token::IssueError::KeyMismatch exactly — the engine’s kid-matching pre-flight is profile-agnostic, but each profile owns its own variant so audit logs don’t have to disambiguate “kid mismatch on which profile”.

Fields

§cfg_kid: String
§signer_kid: String
§

JsonEncode(String)

jsonwebtoken::encode failed at the JSON serialization step. In practice this only fires when an IssueRequest<S> field overflows the JSON number range — the registered claims are all integers within i64, so production paths cannot hit it. Listed for completeness so the engine never panics on serialization.

§

ClockBackwards

System clock is before UNIX_EPOCH. Cannot happen on a correctly configured machine; surfaces only on hardware-reset / NTP-broken edge cases. Listed for completeness so the engine refuses to emit garbage timestamps rather than panicking.

§

EmissionDisallowed(String)

β1 runtime allowlist guard (Phase 10.10) — IssueRequest<S> carries a populated PII field whose wire name is NOT in S::names(). The HasX-gated builders prevent this at the typed API surface (calling .with_email(...) on an IssueRequest<Openid> is a compile error); this variant is the runtime mirror — fires when intra-crate code bypasses the builders via pub(crate) struct-literal access and pushes a PII field through anyway. Symmetric to verify-side M72 (AuthError::UnknownClaim) — the engine refuses to emit a claim it would refuse to accept. Carries the offending wire name so audit logs see WHICH claim tripped the gate.

Trait Implementations§

Source§

impl Debug for IssueError

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl Display for IssueError

Source§

fn fmt(&self, __formatter: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl Error for IssueError

1.30.0 · Source§

fn source(&self) -> Option<&(dyn Error + 'static)>

Returns the lower-level source of this error, if any. Read more
1.0.0 · Source§

fn description(&self) -> &str

👎Deprecated since 1.42.0:

use the Display impl or to_string()

Read more
1.0.0 · Source§

fn cause(&self) -> Option<&dyn Error>

👎Deprecated since 1.33.0:

replaced by Error::source, which can support downcasting

Source§

fn provide<'a>(&'a self, request: &mut Request<'a>)

🔬This is a nightly-only experimental API. (error_generic_member_access)
Provides type-based access to context intended for error reports. Read more
Source§

impl PartialEq for IssueError

Source§

fn eq(&self, other: &IssueError) -> bool

Tests for self and other values to be equal, and is used by ==.
1.0.0 (const: unstable) · Source§

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
Source§

impl Eq for IssueError

Source§

impl StructuralPartialEq for IssueError

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T> ToString for T
where T: Display + ?Sized,

Source§

fn to_string(&self) -> String

Converts the given value to a String. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

Source§

fn vzip(self) -> V

Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more