rust_mcp_sdk/auth/
error.rs

1use serde::Serialize;
2use serde_json::{json, Value};
3use thiserror::Error;
4
5#[derive(Debug, Error, Clone, Serialize)]
6#[serde(tag = "error", rename_all = "snake_case")]
7pub enum AuthenticationError {
8    #[error("No token verification endpoint available in metadata.")]
9    NoIntrospectionEndpoint,
10
11    #[error("failed to retrieve JWKS from the authorization server : {0}")]
12    Jwks(String),
13
14    #[error("{description}")]
15    InvalidToken { description: &'static str },
16
17    #[error("Inactive Token")]
18    InactiveToken,
19
20    #[error("Resource indicator (aud) missing.")]
21    AudiencesAttributeMissing,
22
23    #[error(
24        "Insufficient scope: you do not have the necessary permissions to perform this action."
25    )]
26    InsufficientScope,
27
28    #[error("None of the provided audiences are allowed. Expected ${expected}, got: ${received}")]
29    AudienceNotAllowed { expected: String, received: String },
30
31    #[error("Invalid or expired token: {0}")]
32    InvalidOrExpiredToken(String),
33
34    #[error("{description}")]
35    TokenVerificationFailed {
36        description: String,
37        status_code: Option<u16>,
38    },
39
40    #[error("{description}")]
41    ServerError { description: String },
42
43    #[error("{0}")]
44    ParsingError(String),
45
46    #[error("{0}")]
47    NotFound(String),
48}
49
50impl AuthenticationError {
51    pub fn as_json_value(&self) -> Value {
52        let serialized = serde_json::to_value(self).unwrap_or(Value::Null);
53        let error_name = serialized
54            .get("error")
55            .and_then(|v| v.as_str())
56            .unwrap_or("unknown_error");
57        json!({
58            "error": error_name,
59            "error_description": self.to_string()
60        })
61    }
62}