securitydept_creds/
error.rs

1//! Error types for Basic Authentication.
2use http::StatusCode;
3use securitydept_utils::{
4    error::{ErrorPresentation, ToErrorPresentation, UserRecovery},
5    http::ToHttpStatus,
6};
7use snafu::Snafu;
8
9/// Result type alias for Basic Authentication operations.
10pub type CredsResult<T> = Result<T, CredsError>;
11
12/// Errors that can occur during Basic Authentication.
13#[derive(Debug, Snafu)]
14#[snafu(visibility(pub))]
15pub enum CredsError {
16    #[snafu(display("Invalid credentials format: {message}"))]
17    InvalidCredentialsFormat { message: String },
18    #[snafu(display("Invalid basic credentials: username or password is incorrect"))]
19    InvalidBasicCredentials,
20
21    #[snafu(display("Invalid static token credentials: token is incorrect"))]
22    InvalidStaticTokenCredentials,
23
24    #[snafu(display("Configuration error: {message}"))]
25    ConfigError { message: String },
26
27    #[snafu(display("Password hash error: {message}"))]
28    PasswordHash { message: String },
29
30    #[snafu(display("Random bytes error: {message}"))]
31    RandomBytes { message: String },
32
33    #[cfg(feature = "jwt")]
34    #[snafu(display("JSON Web Token error: {source}"))]
35    JSONWebToken { source: jsonwebtoken::errors::Error },
36
37    #[cfg(feature = "jwe")]
38    #[snafu(display("JWE error: {source}"))]
39    JoseKit { source: josekit::JoseError },
40}
41
42impl ToHttpStatus for CredsError {
43    fn to_http_status(&self) -> StatusCode {
44        match self {
45            CredsError::InvalidCredentialsFormat { .. }
46            | CredsError::InvalidBasicCredentials
47            | CredsError::InvalidStaticTokenCredentials => StatusCode::UNAUTHORIZED,
48            #[cfg(feature = "jwt")]
49            CredsError::JSONWebToken { .. } => StatusCode::UNAUTHORIZED,
50            #[cfg(feature = "jwe")]
51            CredsError::JoseKit { .. } => StatusCode::UNAUTHORIZED,
52            CredsError::PasswordHash { .. }
53            | CredsError::ConfigError { .. }
54            | CredsError::RandomBytes { .. } => StatusCode::INTERNAL_SERVER_ERROR,
55        }
56    }
57}
58
59impl ToErrorPresentation for CredsError {
60    fn to_error_presentation(&self) -> ErrorPresentation {
61        match self {
62            CredsError::InvalidCredentialsFormat { .. } => ErrorPresentation::new(
63                "auth_invalid_credentials_format",
64                "The provided credentials are invalid.",
65                UserRecovery::Reauthenticate,
66            ),
67            CredsError::InvalidBasicCredentials => ErrorPresentation::new(
68                "auth_invalid_basic_credentials",
69                "Username or password is incorrect.",
70                UserRecovery::Reauthenticate,
71            ),
72            CredsError::InvalidStaticTokenCredentials => ErrorPresentation::new(
73                "auth_invalid_static_token",
74                "The access token is invalid.",
75                UserRecovery::Reauthenticate,
76            ),
77            #[cfg(feature = "jwt")]
78            CredsError::JSONWebToken { .. } => ErrorPresentation::new(
79                "auth_invalid_token",
80                "The access token is invalid or expired.",
81                UserRecovery::Reauthenticate,
82            ),
83            #[cfg(feature = "jwe")]
84            CredsError::JoseKit { .. } => ErrorPresentation::new(
85                "auth_invalid_token",
86                "The access token is invalid or expired.",
87                UserRecovery::Reauthenticate,
88            ),
89            CredsError::PasswordHash { .. }
90            | CredsError::ConfigError { .. }
91            | CredsError::RandomBytes { .. } => ErrorPresentation::new(
92                "auth_temporarily_unavailable",
93                "Authentication is temporarily unavailable.",
94                UserRecovery::ContactSupport,
95            ),
96        }
97    }
98}
securitydept_creds/error.rs

securitydept_creds/
error.rs
